Banks aim for more secure board meetings
In this era of advanced persistent threats (APTs), with well-financed foreign entities bent on acquiring financial intelligence via cyber operations, board security cannot be ignored.
Traditionally, security was not a big deal at all at board meetings. Lots of paper packets were created and emailed around carelessly, with very little concern about hackers. But the environment has changed dramatically, and more bank boards are responding with greater security measures around meetings.
Bank Systems & Technology reports that more bank boards are going paperless. There are lots of benefits, including cost, but security may be the biggest lure.
One executive was quoted as saying, "Everything is highly encrypted and locked down in a secure way. It's far more secure than the paper world. What if one of the executives loses their paper version?"
We're seeing more vendors come up with solutions. Diligent Boardbooks for example has put together an online portal that can digitize just about any document and presents packets to directors electronically in a robust e-book format that allows for notes and messaging.
All this makes perfect sense, but vendors need to be aware of the potential liability they are incurring when they start providing these services to banks, which have been massive targets of both private hackers and APTs. If a vendor achieves an impressive list of bank clients, you can bet that the bad guys will take note and possibly launch operations to retrieve information in unencrypted formats.
This has been tried before. The Nasdaq's Directors Desk service, a Web-based tool that allowed corporate boards to share documents and communicate, was hacked not too long ago. Sensitive documents were compromised. Many directors of big companies were spied upon as they used the system. This threat cannot be taken seriously enough. All banks should review carefully their service agreements in this regard.
- here's the article