Investing in Your Most Valuable Assets for Security – Your People

By Q2

17 Oct, 2016

Cybersecurity Awareness Month is here, and with it comes a new opportunity to partner with our institutions to increase security awareness not just during the month of October, but as a vital and engrained part of your organization. At Q2, we believe that a true defense in depth strategy incorporates people—especially employees—as well as processes and technology. Each of those facets individually may not be enough to stop an attack. But when all three are working together, compensating for each other’s weaknesses and overlapping on their strengths, we’re able to create a dynamic defense for community-focused financial institutions.

The people making up your organization simply can’t be expected to defend against attack that they aren’t familiar with. A strong, current training and awareness program is the first step in creating a multilayered defense strategy for your institution. Whether that’s recognizing trending attack characteristics or learning how to strategically incorporate machine learning into your FI’s defense strategy, our team is excited to introduce our first set of training modules aimed at helping you create a culture of security awareness, year round.

Social Engineering Awareness


This human element is often referred to as the weakest link in a cyberdefense strategy, due largely to the fact that humans are trusting by nature. Employees are very likely to click on a suspicious link or attachment, unknowingly introducing exposure points into an institution’s network.

This two-part series ensures that financial institutions are prepared for perhaps the most the difficult attacks to defend against: those aimed at people.

The first module outlines phishing and “SMiShing” (SMS phishing), examining the common vectors for attack, the consequences of falling victim to these scams and what employees should be looking for to spot phishing emails and text messages.

The second course examines the threat of pretext phone calls targeting a financial institution and its account holders and the threat of attackers’ onsite attempts to gain access to sensitive or restricted areas of a facility. We cover attack types and methods, potential impacts and best practices to ensure a proper defense.

Money Mules 101


This module will go behind the scenes to examine the threat money mules pose to FIs. More and more account holders are falling victim to this scheme, often unknowingly transferring fraudulent funds. We’ll define the problem, show how money mules are recruited, how and why account holders fall for it and how to detect potential money mule scenarios, including a series of case studies of fraud cases reported to Q2.

Examining the Nuts and Bolts of Account Takeover Fraud


Account takeover fraud has caused more than $25 billion in lost funds for U.S. financial institutions in the past five years, according to research from Javelin. This module assesses how financial institutions can help account holders defend themselves and protect their money. Knowing the ins and outs of how these attacks are perpetrated is the first step in preventing them. We’ll review attack techniques, case studies and proven defense measures.

Risk and Fraud Analytics in Depth


Q2 is at the forefront of the financial services industry in integrating data analytics and machine learning into our technology and services. The proprietary Risk & Fraud Analytics (RFA) engine is pioneering that integration, using machine learning and data analytics to detect transaction anomalies and stop fraudulent transactions in real time - before losses are realized. This session will take a deeper dive into the scoring mechanics behind RFA and explore best practice recommendations to help financial institutions make the most of this powerful tool.

Platform Security Review: Getting the Most Out of Q2’s Security Features


The Q2 platform offers a robust suite of security features, however, they can only be at their most powerful when configured strategically. This module takes an in depth look at all of the security features available within the platform to make sure your institution is adopting the most cost-effective, risk-averse and proactive defense measures possible.

The course modules listed above are the first subset of courses turning Q2’s security thought leadership into actionable education materials that you can permeate throughout your organization. Our new security training offerings are the next way we can partner with our institutions to bolster defenses and help you protect the trust you’ve earned with your account holders.

*RFA is now known as Q2 Sentinel.


Written by Q2