As Wells Fargo’s chief information security officer (CISO), my responsibility is to protect private customer data from bad actors. Through a dedicated team and network of technology, we build defenses to keep your data safe.
We are committed to providing the highest level of cybersecurity and protections to safeguard the data, privacy and financial assets of our customers. As a customer, your online and mobile banking sessions are encrypted, and we provide 24/7 fraud monitoring to alert you to suspicious account activity. We regularly train our team members on safe technology practices to keep internal systems protected. And, we hold our third-party vendors accountable for maintaining strong cybersecurity practices so impacts to their businesses don’t affect us.
You should expect strong cybersecurity from the organizations you trust with your financial information. But, that is only part of the equation. My team is only as good as the first line of defense, which is you.
Consumers lack knowledge, commitment to safe cyber practices
A Pew Research Center study released in 2017 reported that most Americans didn’t follow cybersecurity best practices in their own digital lives. Half of the respondents admitted writing down passwords on a piece of paper or using the same password for multiple accounts (39%) while only 12% used a password management program.
In fact, a 2019 study by the Center found that many Americans lack knowledge on technology-related issues. Just 28% of adults can identify an example of two-factor authentication – one of the most important ways people can protect their personal information on accounts with private information.
Some acts are simple.
- Use strong passwords – a different one for each account or at least the accounts that matter.
- Use two-factor authentication, especially for accounts containing sensitive information. Your email accounts, banking relationships and online shopping sites should have unique, long and complex passwords and use two-factor where possible.
- Don’t send sensitive information over open networks (especially email).
- Limit what you share online.
- Keep your computer’s security software updated and patched.
Some acts require an investment of time.
Do research on the security practices of the organizations you trust with your personal information. Look for signs of strong cybersecurity procedures such as two-factor authentication. If a company lets you use a very simple password (i.e. “password1”) it could be an indicator of a lax security program.
Educate yourself on common scams. Most people know about phishing – fraudulent emails designed to trick users into divulging private information. But, phishing now comes in different forms. Smishing, or SMS phishing, is on the rise. This social engineering scam uses mobile phone texts with the goal of gaining private information through websites that look legitimate.
Another scam takes advantage of people’s dependency on technology. An urgent pop-up message appears on a computer screen or you receive a phone call warning of a potential computer problem. A fix is promised by calling “tech support” and making a payment for the service.
Even sophisticated users can fall victim to the increasing scams of fraudsters. The best way to fight it is to remain diligent about your own cybersecurity practices. During National Cybersecurity Awareness Month, make a pledge to become the CISO in your own life and follow the advice of the National Cyber Security Alliance. Own IT. Secure IT. Protect IT.