Cybersecurity Essentials for Community Banks: A 4 part series from Acumen Technology’s interview with Tommy Rainbolt of Acumen Technology
CEO of Acumen Technology Sonny Clark sits down for a conversation with Acumen’s vCISO Tommy Rainbolt to discuss Cybersecurity and community banks. Each post in this four-part series offers community banks an in-depth look at cybersecurity best practices, from resilience and budgeting to incident response and culture-building. Completing this 4 part series, Tommy and Sonny will discuss how cybersecurity is the responsibility of everyone.
Part 4: Building a Security-Conscious Culture—Making Cybersecurity Everyone’s Responsibility
Sonny – How important is employee security awareness in protecting community banks?
Tommy – Employee awareness is huge. Human error is often the root cause of incidents. Banks need to make security a shared responsibility by investing in regular, engaging training. Tools like KnowBe4 running phishing simulations are good as a starting point to help employees get better at spotting risks, but the new tools like PhishER that give the users an opportunity to report any email and get an intel-based response are showing to be even more effective. Reporting actual emails instead of just simulations takes awareness training to the next level.
Sonny – How can banks measure the effectiveness of security awareness programs?
Tommy – One way is to track phishing simulation and PhishER results. See how many employees recognize both phishing simulations, real world attempts, and use gamification to make training more engaging. When employees feel encouraged, not blamed, they’re more likely to report issues promptly.
Sonny – Any final advice on building a security-conscious culture?
Tommy – Cybersecurity is everyone’s responsibility. It’s not just an IT issue; it involves everyone from tellers to executives. When a bank builds a culture of security, it empowers employees to be proactive, which is ultimately the best defense.