In a recent KeyBank cybersecurity survey, theft of client data ranked as the greatest concern for middle market business owners and executives. Today’s businesses care so much about cybersecurity because they are using digital data more than ever to improve service and efficiencies, including online and mobile banking solutions to manage financial transactions. In fact, according to Aite Group more than 75 percent of CFOs are already or would like to perform the following functions through a mobile platform: approve wire payments; make pay/no-pay decisions; add new users or manage entitlements for existing users; approve payroll and other ACH payments; initiate wire payments and ACH payments; check account balances; make transfers between accounts at the same bank.

While cybersecurity poses challenges for businesses, three-quarters of respondents in KeyBank’s recent survey feel confident in their ability to prevent such attacks from happening. The reason: improved tools and resources to implement safeguards.

• Advances in artificial intelligence, biometrics, and education address cybersecurity challenges head on. It is a case of combating advanced technology with more advanced technology. The following are the top tools by implementation popularity utilized by organizations who are effectively fighting cyberattacks:
• Antimalware protection (58 percent). These programs prevent, detect and remove malicious software from computers and networks.
• Antivirus protection (57 percent). This software scans all programs run by computers and compares them to known viruses – preventing them from replicating and damaging the computer system.
• Strong password requirements (53 percent). General rule: long and complex equals strong. Businesses can require that employees use passwords that are at least eight characters in length and combine uppercase and lowercase letters, numbers and special characters.
• Social engineering training (28 percent). As the volume of digital data grows, companies must put more emphasis on employee education and process control.

The 2016 AFP Payments Fraud and Control Survey reports that 73 percent of companies were targets of payment fraud in 2015, with many reporting increased attempts. Consider these best practices to help protect your computer, mobile devices and associated banking accounts from inappropriate use include:

Monitoring your accounts closely and frequently.

Being proactive in working with your IT/security professionals.

Following your bank’s safe login procedures and only entering your financial or account information on secure sites.

Being suspicious of any unsolicited messages or attachments and very selective about giving out your contact and personal information.

Never sending funds to unknown individuals or responding to urgent crisis messages from known senders without first verifying the request.

Locking computers and mobile devices whenever left for even short periods of time and using dedicated computers for bank business.

Developing a forum in your company to routinely discuss security best practices.

It is important to understand that many forms of online or offline business fraud are based on the concept of social engineering, in which the perpetrator psychologically manipulates an employee into taking action that will ultimately cost your company time and money.

Typical approaches are based on well-intentioned actions, like transferring cash; divulging login data or account numbers; executing a wire transfer; downloading malicious software; or allowing someone to remotely control the employee’s computer.

While no one can predict every form of cybercrime and fraud, every company can protect itself by training employees in ways to safeguard sensitive data and protect corporate resources. Employees serve on the front line in preventing fraud and security breaches. They should understand and follow company policies and practices regarding Internet safety.

Your company’s internal controls are an essential line of defense against fraud. It is critical to review your internal controls periodically, looking for areas for improvement, identifying weaknesses and adapting to changes in structure, operations or the market.

Equally important is your organization’s attitude toward fraud and creating a culture in which protecting the personal information of your employees, vendors, and clients is a priority.

The value of trust in business may be difficult to quantify, but it is immeasurable. People hold organizations to higher standards. They expect you to do what you promise and what is right. If you don’t, or if you act in a way that betrays that trust, clients will move on, and they will share why they are moving on with others.

This is why protection needs to be a priority. At every level of the organization, from the mailroom to the boardroom, a culture of accountability must exist in which people know, understand and believe in the protocols that are instituted to not only safeguard themselves against fraud but also their colleagues, clients and company.

Jed Hall is a senior banker and middle market team leader for KeyBank’s Boston market. He can be reached at 617-385-6235 or Jed_Hall@keybank.com.