Cybersecurity customer education: A marketing campaign?

By: (CISSP, CISA, Security+) and

Publication: Nebraska Banker , November/December 2016

Nebraska Banker November/December 2016

One of the difficult tasks banks continue to face is how do you educate your customers on the importance of cybersecurity? You send inserts with your statements and provide pamphlets in your brick and mortar branch, but what is being absorbed?

 

On the other hand, when you are marketing, you target your audience through TV ads, flyers, magazines, tradeshows, signage, etc. – a variety of channels to reach a wide audience base. Try to think of educating your customers in the same way you would market to them. After all, one of the roles of marketing is to educate. As with marketing, you can’t expect to educate your target audience about cybersecurity through just one channel. So here are some ideas and channels to consider for providing cybersecurity education:

1)      Offer a lunch and learn

One of our clients hosted a luncheon for their business customers and brought in a couple of speakers to talk about cyber risk and protection. The presentations covered real-life stories of cyber breaches and gave the business owners some key takeaways for talking with their IT departments about current cyber controls and tips to follow to ensure their business and home systems are secure.

Your business customers are some of your most important customers and are the highest risk as targets of cybersecurity attacks. Provide them with a complimentary seminar where they can come hear about important information security topics. Talk with your IT audit provider or examiner and see if they could recommend an information security expert to come speak.

2)      Provide tips in your mobile app

I use a budgeting app that, while processing calculations, shows a busy indicator – the waiting symbol we all know. But what I enjoy about it, is that every time it gives me the waiting screen, it has a different line: “Protecting your budget from evil bots.” Or something along those lines. A playful and entertaining read, it provides an engaging user experience.

Every mobile app has a splash screen and a busy indicator for processing background information. Your customers are already looking at the screen, waiting. Why not provide a message while they wait? The message could be something like, “Tip #35: Never give out your password over the phone.” This tip does two things: 1) provides a great user experience to be able to do something (read) while you can’t do anything (wait on program) and 2) provides education to a captive audience. Talk to your mobile app developer to explore your possibilities.

3)      Print posters to display in your drive-thru

You already use this real estate for marketing your other services. Why not also use it to educate your customers? Print posters in the drive-thru with tips on staying secure online, such as: “Accessing wireless networks can be dangerous; for more info, go here.” Have a webpage with tips and educational resources for your customers to access.

4)      Messages on your ATM machines

Place a simple message near the keypad on your ATM machine that says – “Cover the keypad while you enter your pin.” This would provide a gentle reminder to your customers and foil the attempts of potential card skimmers who may have cameras poised to capture keyboard entries.

5)      Signage

Strategically place signs throughout your bank lobbies and offices to remind customers about the importance of security, such as a poster near your trashcan that says: “Always shred sensitive information.”

6)      Create a video series

You may not reach everyone, but try out a video series. Create a short video featuring one Internet safety tip per week. Share it on social media, post to your blog, play it periodically on lobby TV monitors, or publish it on your Internet banking site. You could get really creative here.

7)      Repost security tips on social media

A lot of banks are interacting with their customers on social media, keeping top of mind. Why not also share tips to help them protect their information? It doesn’t have to be your own material, but make sure the advice is coming from a trustworthy source. Use a social media management platform, like tandem Social Media Management, to send each post through the appropriate approval steps. Shameless plug. I am a marketer, after all.

This list is not exhaustive by any means, but it can help provide a starting point. Take it back to your team. Brainstorm and discuss the educational channels that would work best for your financial institution and for your customer base. Bring together your technical gurus and marketing resources. How would you market your banking services? Try doing the same with security training. However you would remarket to your customer base, use those mediums to also talk about the importance of cybersecurity and protecting your information. Criminal attacks affect all of us. As your financial institution is taking steps to secure customer information, customers need to also be vigilant in protecting their own information. Help them get excited about this responsibility.

 

 

Lauren Wiley is the Marketing Director for CoNetrix and Stephanie Chaumont is a Security and Compliance Consultant for CoNetrix.  CoNetrix is a provider of information security consulting, IT/GLBA audits and security testing, and tandem – a security and compliance software suite designed to help financial institutions create and maintain their Information Security Program. Visit our website at www.conetrix.com.