Credit Union Mistakes That Cybercriminals Love
Make no mistake: big things come in small packages. That’s no secret to cyber thieves. They often take the path of least resistance and see credit unions and small banks as easy prey since they likely have fewer resources yet the same exposure to risk as larger financial institutions.
We often see threat actors testing their tactics on credit unions and small banks before attacking a larger financial institution. The credit unions not only suffer financial loss from the attacks but also the loss of time, productivity and reputation.
Credit unions often tell me, “We’re too small to matter,” “We don’t store valuable data,” and “Our core provider provides security.” Because credit unions have less funds than big banks to secure their systems and often don’t monitor their networks 24/7, it’s easy for cyber thieves to get in and out of their networks sight unseen.
Some credit unions that outsource to a core provider (a company that provides cloud services for the credit union’s core processing system) mistakenly believe that the core provider provides security for the credit union.
Core providers only provide security for themselves, so if you have malware on your system, it won’t affect them. Most financial core providers don't even mention the word “security” in the business contract, and they don’t provide security for your network environment!
There is no one device you can buy or no one thing you can do to ensure the security of your corporate environment. I often talk about the "50/30/20’ rule:
- We find firewalls notify you of about 50% of the security events that occur on your network.
- About 30% of notifications come from another security layer, the Intrusion Detection/Protection System (IDS/IPS), which is a good risk mitigation and a regulatory compliance demand.
- About 20% of your security event notifications come from servers, routers and switches that securely direct or receive your traffic.
Your IDS/IPS and firewalls should be closely monitored, and they should be managed and deployed in a multi-layered security configuration. Your cyber security devices must be tuned and updated regularly so they are effective and do not disrupt normal business traffic. And, you should monitor all of these devices on your networks 24/7, so when malware gets in, you can get it out fast, often before any information has been stolen.
A third-party information security services company can help you with security services to fit your budget so that your IT team can focus on supporting other business initiatives without stopping to try to take care of security problems.
It is more cost effective and is easier to keep intruders out rather than to get them out. Having intruders in a network is one small package no one wants to open.