Banking Exchange Magazine Logo

In some ways, a heist is a heist

Understanding the similarities and differences between digital and physical crime

In some ways, a heist is a heist

As banks face increasingly sophisticated cybercriminals intent on penetrating complex layered security defenses, it may help to approach the issue by breaking down such crimes into understandable components.

Chris Pogue, director, Trustwave, in an interview with Banking Exchange, says such crimes can be segmented into what he calls the “breach quadrilateral. These are infiltration, propagation, aggregation, and exfiltration.”

“Think in terms of a bank robbery,” he says. “What does a bank robber have to do to successfully rob a bank? He has to break in. He has to move from the point of entry to the point where the money resides. He has to somehow encapsulate the money in a bag or some other mechanism that he can then use for exfiltration, to get it out of the bank.”

The conceptual key to thwarting the bank robber—and by extension, the cybercriminal—is to disrupt at least one part of this equation, he says. “We’re looking at each one of those individually as a focal point to say, how do we stop them from getting in? How do we stop them from moving around? How do we stop them from gathering data? How do we stop them from exfiltrating? Each one has a different solution.”

A crucial difference in the analogy between digital crime and on-premises robberies is the timing. In a physical crime, the elapsed time from entry to escape can range from a few minutes to much longer in an off-hours break-in. With a cyber crime, the heist can take place in less than a second in some cases. But the realization by the bank that, first, a crime was committed, and, second, recovering from it, could take months.

“The speeds are fast. From the time it takes an attacker to perform reconnaissance, identifying a potential target, from the time it takes to breach that target, it’s a very short period of time. Once a target has been identified, it’s literally measured in seconds,” Pogue says.

Such reconnaissance usually means finding lapses in security, which often can be quite simple—the use of administrative credentials, weak or default passwords, or faulty firewalls, for example.

Pogue says his company—which has been endorsed by ABA for network security and data protection resources—deals with hundreds of cyberfraud cases a year. From the bank’s side, he says, reaction and response time is often long. “We see the average time from the point when an organization is breached to the point of time when they contain the breach as being 210 days,” he says.

Pogue recommends banks partner with security firms whose core competency matches what the organization deems its most pressing need—identifying breaches, securing data, or providing associated technology solutions for processes or procedures. He points out that even financial institutions with robust and well-experienced cyber security staffs likely can benefit from working with dedicated security firms.

John Ginovsky

John Ginovsky is a contributing editor of Banking Exchange and editor of the publication’s Tech Exchange e-newsletter. For more than two decades he’s written about the commercial banking industry, specializing in its technological side and how it relates to the actual business of banking. In addition to his weekly blogs—"Making Sense of It All"—he contributes fresh, original stories to each Tech Exchange issue based on personal interviews or exclusive contributed pieces. He previously was senior editor for Community Banker magazine (which merged into ABA Banking Journal) and for ABA Banking Journal and was managing editor and staff reporter for ABA’s Bankers News. Email him at [email protected]

back to top


About Us

Connect With Us


Webinar: From KYC to IDV

How three leading banks are utilizing cutting-edge
digital tools to onboard, win, and wow customers

Time/Date: June 23, 2021 11:00 a.m. ET

Digital adoption, already moving at warp speed, accelerated seven years into the future during the COVID-19 pandemic. As the number of bank branches continues to fall, with at least one study predicting all branches will disappear by 2034 (Fox Business) and foot traffic declining (Vox), today’s most innovative banks are charting a new, digital-first path to win over customers while increasing security, meeting KYC compliance requirements, and winning customers to drive revenue.

In this webinar, you’ll hear from John Baird, Founder & CEO of Vouched, Tyler Crawford, COO of Bankers Healthcare Group, Anand Sathiyamurthy, CPO of Flagstar Bank and Daniel Sheehan, Chairman & CEO of Professional Bank as they describe their vision for digital transformation and how customer expectations are changing to digital first. They’ll also explore how fostering an innovation mindset creates new ways to tackle complex KYC problems and allows them to quickly compete in new markets and win customers.


This webinar is brought to you by:
Vouched Logo