So what are credit unions doing about data security in the meantime? NAFCU's Flash found that nearly half (46%) of surveyed credit unions said they had assessed the risk of their Internet-based products and another 27% were in the process of completing an assessment. The last 27% planned to begin and complete a risk assessment by the end of the year.
Of those, 45% hired a third party to perform the assessment with a price tag of just over $10,000.
Most (74%) of the credit unions that had completed their risk assessment planned to implement additional security measures based on that assessment. About half of those are using layered security measures and 31% are using shared secrets. Other measures include tokens (14%), one-time passwords (8%), and biometrics (6%).
Credit unions are also making the effort to educate their members about data security issues by posting materials on their Web site (83%) or hosting seminars (39%). Other methods include financial counseling (26%) and statement stuffers (18%).