As cyber threats become more complex, businesses face increasing pressure to protect their financial and digital assets. At our recent cybersecurity and fraud-focused event, Strategic Safeguards: Cybersecurity & Fraud for Today’s Business, more than 50 local leaders and professionals gathered to discuss strategies for staying ahead of online fraud and enhancing organizational security.
The event featured financial and operations experts from Drake Bank, Rob Scalia from iComp Payroll & HR, and Dan Sanderson from Cyber Advisors. Based on the event, we have summarized some recommended tips for business owners and leaders to consider to combat cybersecurity and fraud risks.
#1 – Passwords and Multi-Factor Authentication (MFA)
Most people know about strong passwords and multi-factor authentication (MFA). “We preach strong passwords at every level in every system, and the stronger the password, the better,” said Laura Gevik, chief operations officer at Drake Bank. “If you have 25 passwords or 50 passwords, password managers will allow you to house all of the passwords in one location.” Using a password manager not only helps people create strong passwords by eliminating the need to remember them (since they are stored securely), but also adds an extra layer of security by integrating MFA with the password manager.
Rob Scalia and his team at iComp use MFA on almost all of their applications. “Passwords are just something that you know, and so we want to combine that with something that you have, like an app on the phone or something that you are, like biometrics,” he said. Tying both of those together gives extra security. “Everyone has heard my mantra, ‘We don’t sacrifice security for convenience. All my employees are going to say that to you; that’s how important it is for us on our side.”
#2 – Account Security
Verification is a critical step when communicating with your financial institution, and one we take seriously at Drake Bank. Patrice Lewis, our deposit operations officer at Drake Bank, highlighted how the Bank uses callback verifications and security passphrases when calling and assisting clients, and how these small steps have successfully stopped fraud attempts in real time.
Another thing businesses should consider is setting up dual control, which requires two individuals to initiate an ACH or wire transfer, helping prevent fraud and human error. Additionally, setting up transaction alerts can quickly help spot suspicious activity. “A watchtower is pointless if there’s no watchman in it,” said Patrick O’Connor, treasury management officer at Drake Bank.
#3 – Know Where Your Data is Stored
Dan Sanderson from Cyber Advisors also warned of the double-edged nature of artificial intelligence in cybersecurity. “AI is fighting AI now,” he said. “Before you turn it on, make sure your data is secure — because AI will find what you didn’t mean for it to find.” His advice was to invest in the basics — MFA, phishing awareness, backups, and an incident response plan — before chasing advanced technologies.
#4 – Adapt Cybersecurity Into Your Workplace Culture
Making cybersecurity a part of your team’s everyday culture is a great way to keep it top of mind. Laura Gevik explained that our Bank uses KnowB4 to send fake phishing emails to our team at various times, each looking different and relevant to the user’s position. After emails are sent, management can see which employees fell for the trick and require those users to retake security training. “When we first started doing this, about five years ago, it was horrifying,” said Laura. “Over time, people have become more alert.”
Key Takeaways
- Cybersecurity is EVERYONE’S responsibility
- Don’t sacrifice security for convenience
- Take a moment to slow down and think before you react
If you are interested in ways to strengthen your account fraud prevention, visit drake-bank.com to connect with our Treasury Management and Deposit Operations teams for tools, education, and personalized support.
