Cybersecurity, Talent Recruitment Top 2022 Banking Concerns: CSI Survey

Financial institution executives reported fighting cybercrime as their top concern for 2022, followed closely by recruiting and retaining talent amid the Great Resignation, according to a new survey from Computer Services, Inc. (CSI), a Paducah, Ky.-based provider of fintech and regtech solutions.

The company’s annual 2022 Banking Priorities Executive Report, released Wednesday, was based on a survey of 279 executives nationwide, 94.2% of whom identified their institutions as banks, 5.07% as credit unions and 0.72% as “other.” Respondents’ institutions ranged in size from $100 million to greater than $1 billion, with 68% of respondents working for institutions in the $100 million to $500 million asset size range.

Twenty-six percent of respondents named cybersecurity as the most impactful issue in the financial industry, a drop from 34% in 2021. Coming in second at 21% was recruiting/retaining employees – an 11 percentage point increase from last year. These issues were followed by regulatory change (14%), meeting customer expectations (13%), APIs/open banking (10%), cryptocurrencies/blockchain (5%), mergers and acquisitions (4%) and artificial intelligence (3%).

Despite executives’ significant level of concern over cyber threats, few of them (18%) plan to deploy cybersecurity education for customers/members, according to the survey. Employee/board cybersecurity made the top four tactics executives plan to leverage to combat cyber threats at 41%, along with penetration testing/red team exercises (42%), routine social engineering exercises (43%) and recurring vulnerability scanning (44%).

Adding to concerns over a lack of cybersecurity training in the financial services industry, a separate study released Wednesday by file encryption tool provider NordLocker found 31% of employees in the finance sector haven’t had cybersecurity training arranged by their current employer. The Panama City, Panama-based company surveyed 300 U.S. employees in the financial sector in October 2021.

While respondents of the CSI survey ranked their cybersecurity readiness confidence as 3.8 out of 5, a combination of three factors are making that readiness more and more challenging: The increase in digital usage, which has opened up more people and systems to threats; the growing numbness among consumers as more cyberattacks occur; and cybercriminals’ ability to stay a step ahead of institutions, according to CSI.

CSI survey respondents also named the top three cyber threats as employee-targeted phishing/spear phishing (57%), customer-targeted phishing (51%) and ransomware (48%). CSI recommended that institutions conduct top-tier social engineering testing for employees, incorporate robust multi-factor authentication into all applications where employees or customers/members must enter their credentials, and find ways to make cybersecurity education fun and engaging for employees and members/customers.

Of course, in order for a cybersecurity education program to be successful, employees must be recruited and retained – something that financial institutions are struggling with. CSI survey respondents gave their talent retention difficulty level an average ranking of 3.1 out of 5, with only 7% describing their talent retention difficulty as minimal. In terms of acquiring new talent, respondents gave their difficulty level an average ranking of 3.8 out of 5, with less than 3% indicating minimal difficulty.

CSI named the pandemic-induced rise of remote work as a culprit of the talent recruitment and retention challenge, and recommended that institutions outsource technology functions to third-party vendors and develop strategies that help current employees recognize their value.

“Employees at traditional banks and credit unions no longer face a choice between seeking employment at institutions in their local area or moving to a bigger market to find higher-paying opportunities at larger institutions,” the report stated. “Everyone from compliance professionals and technology experts to customer service and marketing staff can do their jobs from the comfort of their own homes in the city of their choice. This creates an environment where institutions must present more lucrative job offers or poach talent from elsewhere to fill open positions.”

Other key findings from CSI’s 2022 Banking Priorities Executive Report included the following:

• To enhance the customer/member experience and expand market share, the majority of respondents said they plan to prioritize digital tools, namely account opening (51%), customer relationship management (43%) and digital lending (36%).
• Although executives on average rated their institutions 4 out of 5 on compliance readiness, regulatory changes remain top of mind, with 14% of respondents naming it their primary concern.
• Considering the new administration, renewed regulatory focus and upcoming requirements, most respondents ranked data privacy (39%) and CECL (20%) as the most important regulatory issues to their institution.