At the scene of a hit-and-run auto accident in Worcester, the driver of the stricken vehicle told a bystander that the other vehicle had turned down a neighboring street. The bystander asked if any vehicles had come back through the intersection since. When police arrived, the bystander was able to direct them to the end of that dead-end street, where a vehicle was found with damage, including paint scrapings, that matched the damage to and paint of the other vehicle.

The lending officer of a Baltimore bank was driving through a neighborhood a few years ago to check on a property, and noticed that the building next door had the same street address as the one given for the bank’s largest debit customer. The only problem: the building at that address was a burnt-out hull. The bank reacted with haste to this discovery indicating that the customer was not what it seemed – if it hadn’t, it might have been out millions.

At a cyber-security presentation The Bank Summit on Oct. 9, the presenters put up a slide showing line upon line of computer code, representing a raw log file. Data revealed in a log file can show the presence of malware and a footprint of who is entering the system. The presenters recommended that logs be reviewed daily; if a forensic investigation is ever needed, it cannot be conducted effectively without logs. They also said that those who operate computer systems have a “civic duty” to ensure that the system is not being used to cause harm.

These three examples vary in complexity but not in the underlying theme: Knowing what you’re looking at, or looking for, is essential. Particularly in the last case, responsibility for cyber-security is increasingly being imposed on banks. Regulators are less and less receptive to the reply, “We have a vendor for that,” cautioned The Bank Summit presenters. And in the case of a breach resulting in loss of funds, the vendor may not assume responsibility for all the losses, they said; vendors may draw the line on responsibility unless the breach occurred as a result of a shortfall in the vendor’s technology (as opposed to originating at a retailer, for example). They advised their IT audience to make sure that their third-party contracts have protection for the bank.

A knowledgeable computer specialist can read line upon line of code and spot discrepancies quickly. But how many financial institutions have such a specialist on staff?

The JP Morgan data breach that occurred earlier this month is only the most recent in a long list of cyber-attacks, which have gone global in the matter of a few years. If such a breach can happen to one of the world’s richest banks, it’s no wonder that Lloyd’s of London is moving quickly into the cyber-threat insurance sphere – fewer and fewer other insurers are willing to take that on.

The mindset needed to deter tomorrow’s cyber threats will be a combination of ownership of knowledge and street smarts. Even when EMV chip and PIN technology becomes standard next year, financial institutions need to bring together internal and external resources to protect themselves and their customers.