Skip to content

Computer Security Threats & Managing IT Resources

Answered by: 

We face new challenges everyday with respect to viruses, ongoing software patches and updates as well new technologies to integrate within our bank. All of these put a strain on our IT resources. How do other banks justify staffing requirements and handle peak demand times?

Times have changed since the Internet and the security risks to network systems, customer information and other cyber threats are steadily on the rise. It is important for senior management and the board to realize that information security involves a continuous risk assessment process, which needs to be proactively managed. As with other risk assessments, it is important to identify the potential threats, assign a relative weight to the threat then identify the solution and the resources needed to put the solution into effect. For example, it might be helpful to develop a simple matrix to delineate the various risks and the associated tasks needed to mitigate the threat.

IDENTIFIED RISK RISK FACTOR SOLUTION RESOURCE ALLOCATION Denial of service attacks 3 – ongoing Firewall monitoring of pace of inbound connections One administrator, 2 hours per week, management Security patch management 5 - ongoing Monitoring of software releases testing and auto deployment of patches One administrator, 4 hours per week, management Virus Management 5 - ongoing Monitor virus threats and auto deployment of virus definitions One administrator, 2 hours per week, management

It is important for the risk matrix to be detailed. For example, different operating systems and network configurations may involve varying amounts of time needed to patch and test the reliability of the patch. Each of those differences should be noted in the matrix so that adequate resources can be allotted. And again, since the threats to security are fluid the allocation of resources must remain flexible enough to accommodate those changes. Failing to accurately reflect the various differences could significant impact your ability to allocate resources during peak demand times.

First published on 10/6/03

First published on 10/06/2003

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Topics