There’s a knee-jerk reaction among bank executives to large security incidents – like the WannaCryptor or SWIFT attacks – in the news. “How do we solve our ransomware problem?” they may ask. Or, “how can we address our data breach issues?”

Without victim blaming, I think the much more important question to ask: What can we all do to lessen the bank’s risk?

At the CPI Global Payment Summit in New York City, next week, I’ll moderate a conversation between cybersecurity executives and threat intelligence researchers on the most pressing security issues facing the commercial payments organizations inside FIs.

Our focus: To determine how can the vast security teams inside FIs and the non-technical payment executives who want to better understand their customers’ and their firm’s risk can come closer together.
The conversation is high-level and general. The audience will mostly be made up of non-technical executives. Here are the types of questions I’m hoping we can begin to answer for them:

  • What are the largest systemic issues -- the Internet of Things, think, CCTV cameras, and unencrypted data -- inside FIs that lead to larger security incidents?
  • What resources can bankers depend on -- government, industry, or academic -- to gain intelligence on emerging threats? And, does threat intelligence matter in a landscape that’s always shifting?
  • How do non-technical executives start having conversations about security with their larger teams?
  • What kinds of services can nontechnical executives recommend to their clients to cut down on their risk?

So, what’s my ask of you: Tell me how you, given the audience, think I should frame the discussion?
As always, I’m available over Signal, Wickr, LinkedIn, Twitter (@seansposito), or, yes, email – I look forward to hearing from you. 



About Sean Sposito

Sean Sposito is an analyst in the fraud & security practice at Javelin Strategy & Research. His primary focus is the intersection of retail banking and information security. The topics he’s keenly interested in are vulnerability disclosure, cybersecurity insurance, threat intelligence, and the overall challenges facing security executives inside financial institutions. 

Before joining Javelin, Sean worked as a reporter at the San Francisco Chronicle, the Atlanta Journal-Constitution, and American Banker, among others. As a content strategist at the Christian Science Monitor, he counseled security vendors, PR agencies, and in-house communications executives on storytelling techniques and media engagement. 

He has moderated panels at the Visa Security Summit, the ATM Debit & Prepaid Forum, the Emerging and Mobile Payments Card Forum, the Mobile Banking and Commerce Summit, and the Mobile Payment Conference, among others. He holds a bachelor’s degree from the University of Missouri’s School of Journalism. 

Stay in Touch!