Pub. 14 2019-2020 Issue 6

WWW.NEBANKERS.ORG 16 TECH TALK Jon Waldman , Co-founder and Executive Vice President IS Consulting - SBS CyberSecurity, President - SBS Institute How to Make the Most of Your Annual IT Audit W HEN YOU HEAR THE TERM "BANK ROBBER," A LEATHER- clad outlaw with a burlap bag in one hand and a pistol in the other likely comes to mind. However, modern bank robbers have evolved past Butch Cas- sidy and the Sundance Kid–style holdups. Instead of weapons and a get-away car, all they need is an understanding of computer network systems and a few stolen passwords to infiltrate a bank's database and steal money. According to the Herjavec Group's 2019 Official Annual Cy- bercrime Report, cyberattacks on financial service institutions are on the rise, indicating that banks need to direct their security resources to test their network systems on a more consistent basis. That's where your annual IT audit comes into play, and why you should build a strong, year-round relationship with your IT auditing firm. Unfortunately, IT audits are notoriously dreaded every year because of their high-effort requirements. But for all the ways they are inconvenient, correcting the network and process weak- nesses revealed by an IT audit can protect customers, not to mention save a bank from reputational damage. For that reason, the partnership between a bank and its auditing partner can be a positive, beneficial one. There are plenty of ways to take full advantage of your IT audit partner to both make your annual audit go smoothly and garner the most benefits for your institution. Here are a few tips: Understand that the IT auditing process is going to strengthen your business. • Know that if a negative practice within your bank is brought to your attention, addressing the concern will only HELP your business. • Approach the process with an open mind and a willing- ness to help your IT auditing partner accomplish the tasks at hand.