Financial Sector Hit with Thousands of Cyberattacks

HR shares responsibility to protect data

Roy Maurer By Roy Maurer August 6, 2019
LIKE SAVE

​The recent high-profile theft of credit card applications and Social Security numbers from Capital One's computer network is just one of about 3,500 successful cyberattacks against financial institutions so far this year, according to reports filed with the U.S. Department of the Treasury. If that wasn't bad enough, big banks like Capital One find themselves having to protect data against hundreds of thousands of attempted intrusions each day. Relentless cyberattacks mean HR departments must ensure they comply with and promote security guidelines to protect their companies' business and employee data. 

We've rounded up articles and resources from SHRM Online and other outlets on the news.

Multiple Ways to Break In

The Capital One episode is a reminder that financial institutions are a prime target for cyberthieves and they are still vulnerable, even if banking is more secure than other industry sectors. Over the last several years, companies including Equifax and Morgan Stanley have been attacked with various methods. In some cases, the hackers have taken advantage of weak passwords or sent fake e-mails loaded with malicious computer code that helped them get inside. In others, they have scanned for software that hasn't been kept up-to-date with the latest security fixes. Some hacks took hours while others took months.

(The New York Times)

Worker Training Critical

Employee training at all levels is vital to keeping company data secure. Employees—CEOs included—have been known to click on questionable links, download unauthorized software and engage in other risky behavior that exposes their organizations to cybercrime.

(SHRM Online)

How to Reduce Cyberattack Vulnerability

Making sure remote workers use a virtual private network, requiring strong passwords and limiting employee access to data are some of the ways to protect the company from hackers.

(SHRM Online)

Securing 401(k) Data

401(k) plan cybersecurity is often an afterthought, even at companies that take great care to protect their businesses from cyberthreats. That's because there are no data security rules or standards that specifically address 401(k) plans, and most employers delegate some or all of their plan responsibilities to third-party administrators who they trust have adequate security measures in place.

(SHRM Online)

LIKE SAVE

Job Finder

Find an HR Job Near You
Search Jobs

SPONSOR OFFERS

HR Daily Newsletter

News, trends and analysis, as well as breaking news alerts, to help HR professionals do their jobs better each business day.
temp_image