All accounts that have financial data need to be protected, even those that seem to be separate from the bank.

All accounts must have passwords, sensitive accounts can have 2 factor authentication, such as SMS codes to enter AFTER the account/password authentication.

Government must set and publish standards - not for the banks, for the population.

The Gov't is pushing people to live on their smartphone, needs to set
up a software store of supported apps, setup a checklist of how to
setup each phone, and which phones have been verified for security.

Do not take this wrong, a person can use any phone and download any app, but the government cannot take responsibility for those apps. The gov't
must take responsibility for "supported" apps, be they from a bank,
insurance, medical, transportation, or any other form.

Today, many phones will upload data to a cloud, the cloud storage
is not in Israel. The gov't must setup either instructions to disable
cloud upload, or take responsibility for the data.

Last week I found that a company where I have money stopped using
account/password access and permits access via ID+phone number.
The PM's cyber team claims this is fine and I should protect my phone.
The company did not warn me that the responsibility was on me via
my phone.