ABA Banking Journal - July/August 2015 - (Page 50)

> COMMUNICATIONS You've Been Hacked: How Will You BY MERRIE SPAETH I respond? mpErSOnATInG reporters on panels has become one of my favorite pastimes. After ABA's Annual Convention last year, where I played a reporter on a panel examining how to handle a cyber attack, ABA invited me to return for its Risk Management Forum. The scenario was similar: Your bank has been hacked. In this mock scenario, the institution in the hot seat was a billion-dollar bank in the South named Lucky Bank, and the media outlet I represented was "UOMe" TV. how social media platforms such as Facebook and Twitter complicate the communication challenge. Although bank executives may feel they have quite enough legal, technical and operational issues to contend with, communication-both internal and external-is needed across the entire enterprise. You will undoubtedly have to communicate with key audiences before you have all the facts. Typically, you will not have any of the key facts confirmed when you get word through third parties or social media. The first news of the hack came from credit card companies reporting that customers were complaining en masse about unauthorized charges and cancelled charges. A plaintiffs' law firm-Dewey, Cheatham & Howe, borrowed from NPR's "Car Talk"- trolled the Internet looking for bank customers for a class action suit, as did a well-connected, disgruntled blogger called Bankerbabe. Create a timeline beginning with taking the first phone call or reading the first tweet. Consider how you would handle Lucky Bank also received word that the hackers were selling information allowing criminals to access ATMs, so bank personnel were physically reprogramming ATMs outside their branches. Internet-savvy customers noted the workmen and posted pictures of them on Instagram. Bankerbabe called them to my attention at the television station. My role was to ask the questions the media would ask and to illustrate 50 ABA BANKING JOURNAL | JULY/AUGUST 2015 the questions below after the first hour, day or week. On social media, you must have credible responses that convey confidence and inspire trust. And you'll have to deal with these questions from reporters, customers and the general public. If you're lucky, the reporter or customer will call customer service, but they may also be trading rumors on social media. How and when you respond to these kinds of questions will undoubtedly depend on your own bank, the nature and scope of an attack and other considerations, but grappling with the questions will give you a snapshot of your preparedness. Think about how you'll handle questions like this: * I have heard that your bank has been hacked. Can you confirm or deny this? * How many customers have been affected? * What information did the hackers get? Social security numbers? What other kinds of customer data? * What have you told customers? * Who's to blame? * Are you going to change your IT or security providers? * When did you detect the problem? * Did you have any warning signs? * How long were you exposed before discovering it? * Why did you wait to announce it? * What are you trying to cover up? * What kind of liability do you have? * Will you pay for credit counseling for customers?

Table of Contents for the Digital Edition of ABA Banking Journal - July/August 2015

CHAIRMAN'S VIEW
UPFRONT
OPERATIONS
ECONOMIC OUTLOOK
PICTURE THIS
BANKING’S APPALLING REGULATORY STRUCTURE
HOW BANK CULTURE DRIVES SUCCESS
KEY CONSIDERATIONS FOR CREATING SUCCESSFUL BOARDS
VENDOR RISK MANAGEMENT
FIVE RISKS THAT WILL SHAPE BANKING’S FUTURE
CEO SYMPOSIUM
MOBILE BANKING
PAYMENTS
ABA COMPLIANCE CENTER INBOX
INVESTOR PERSPECTIVE
COMMUNICATIONS
REAL ESTATE LENDING
LEGAL BRIEFS
FROM THE STATES
BANKER RECOMMENDED READING
INNOVATIONS IN SOCIAL RESPONSIBILITY
INDEX OF ADVERTISERS

ABA Banking Journal - July/August 2015

https://www.nxtbook.com/naylor/BAKS/BAKS0318
https://www.nxtbook.com/naylor/BAKS/BAKS0218
https://www.nxtbook.com/naylor/BAKS/BAKS0118
https://www.nxtbook.com/naylor/BAKS/BAKS0617
https://www.nxtbook.com/naylor/BAKS/BAKS0517
https://www.nxtbook.com/naylor/BAKS/BAKS0417
https://www.nxtbook.com/naylor/BAKS/BAKS0317
https://www.nxtbook.com/naylor/BAKS/BAKS0217
https://www.nxtbook.com/naylor/BAKS/BAKS0117
https://www.nxtbook.com/naylor/BAKS/BAKS0616
https://www.nxtbook.com/naylor/BAKS/BAKS0516
https://www.nxtbook.com/naylor/BAKS/BAKS0416
https://www.nxtbook.com/naylor/BAKS/BAKS0316
https://www.nxtbook.com/naylor/BAKS/BAKS0216
https://www.nxtbook.com/naylor/BAKS/BAKS0116
https://www.nxtbook.com/naylor/BAKS/BAKS0615
https://www.nxtbook.com/naylor/BAKS/BAKS0515
https://www.nxtbook.com/naylor/BAKS/BAKS0415
https://www.nxtbook.com/naylor/BAKS/BAKS0315
https://www.nxtbookmedia.com