Cyber Security

1. Bank Account Fraud Prevention.

Financial losses from check and ACH fraud reach into the billions each year and affect organizations of all sizes. Safeguard your funds and help prevent fraud with Check and ACH Positive Pay available from Macatawa Bank. Through early detection of altered or counterfeit checks and unauthorized ACH debits, Macatawa Bank’s Positive Pay Services provide your organization with comprehensive fraud detection systems.

2. Incident Response Involving your Bank Account.

• If your employee initiated a transfer to a fraudster (via wire, ACH or check), contact your financial institution immediately. Your financial institution will work with the other institution(s) on your behalf to attempt to recall the wire, ACH transactions, etc. There is no guarantee that any funds will be returned to your business account.
• Report that your business has been victimized. File a police report with your local law enforcement office and the IC3 at www.IC3.gov.
• Keep all original documentation, emails, faxes and logs of all telecommunications and retain all relevant information for law enforcement. Depending on the nature of the incident and available internal resources you may need to engage a firm specializing in forensic investigation to evaluate the situation and ensure your systems are no longer compromised. Conduct an internal review to determine how the attack occurred and if process improvements are needed.
• Contact your Cyber Liability Insurance Company to determine if there is coverage for any loss.

3. Online Account Takeover Prevention.

By leveraging tools available with your online banking at Macatawa Bank you can minimize your account takeover risk. Utilize dual approval for ACH and Wire Transfers. Pay close attention to security alert emails that notify you of additions or changes to payment recipients. Consider adding a requirement for Secure Access Code (SAC) at every login for online banking.

1. Information Technology (“IT”) Security

Develop IT security policies appropriate for your type of business. You may want to engage a security firm to help identify potential risks and vulnerabilities and provide advice on network security, encryption, authentication technologies and multilayered endpoint security. Utilize multi-factor authentication, preferably with Uniform Transformation Format (UTF) and standard security keys/tokens for login authentication to in-house and third party systems. Auditing and conditional access within your cloud providers should be enabled. Your IT team should constantly monitor IT security using automated and manual checks and react immediately should a threat be suspected or detected.

2. Vendor Management

Your vendors have the potential to expose your company to additional risk. Conduct appropriate vendor due diligence and understand the security policies of vendors who have access to your systems. If a vendor experiences a business email compromise, your employees may also receive a fraudulent or altered invoice that appears to be from a legitimate vendor. You should have a policy to establish the authenticity of any request for payment that is received by email.

3. Employee Training

Employees often may be your weakest link and are sometimes the root cause of data breaches and business email compromise. Strong password requirements and email usage policies should be created. Ongoing employee training and awareness is important, as is accountability for failing to follow policy.

4. Incident Response

Identify internal resources who are key to responding to any cyber incident and outline responsibilities in the event of an incident.

• This should include your IT team and other departments such as human resources, marketing, and legal.
• Your plan should include stopping the incident, taking corrective action to prevent a future incident, and communicating with the public when necessary.
• Resolving a cyber incident may require a coordinated effort between your Incident Response Team members, executives, law enforcement, forensic resources, regulators, insurance companies and incident response vendors.
• Identify external resources that may be needed to rapidly provide assistance and an appropriate response to any incident. This might include: your cyber insurance company, an incident response expert, legal counsel, and a technical forensics expert.

5. Cyber Liability Insurance

Your risk management and IT teams should provide information about the impact of potential breaches to help you determine the type of coverage your company may need. This may include coverage for the costs associated with a breach, the expense of updating or replacing business assets, business interruption, liability and/or cyber extortion, media/website liability, network security liability, privacy injury liability or regulatory liability, crisis management expenses, business income loss & extra expense.