It's 9 a.m. Do you know where your data are? As you read the morning newspaper, most likely on a mobile device, you could unwittingly be opening the way for cyber invaders. Maybe it was an email sitting in your inbox that you clicked on, maybe a link to a new business article or journal study. And suddenly the walls of your enterprise are breached—the walls that you have spent billions of dollars to secure with software and services, walls that can be breached in the blink of an eye.

In this chapter, we address two types of cyberthreat: the threat from the outside and the threat from within.

External Cyberthreats

Of late, cybersecurity threats have been a greater concern than ever, including allegations of election hacking from all sides. Although sovereign states are now deploying powerful tools of cyberwarfare, the threat posed by small but well‐organized attackers can pose just as much danger to banks.

Malcolm Gladwell, in his book David and Goliath, highlighted the somewhat counterintuitive idea that in a clash between a David and a Goliath, the odds are generally stacked against the bigger, more highly favored opponent.¹ Goliath is slow and lumbering, blinkered in his vision and rather hard of hearing. He has also has a rather outdated weapon at his disposal. Like Goliath, the modern large enterprise is slow—slow to react to changes in the business environment. It is also hard of hearing, and ...