Credit Unions Must Step Up Online Defenses: Letter to the Editor
CUNA’s Governmental Affairs Conference offered guest speakers, educational opportunities and insights from our government leaders – all providing valuable information. But one key message delivered by NCUA Chairman Debbie Matz stands out: Today’s credit unions face an ongoing and active threat from cyber criminals and cyber terrorists. Already, these attacks are causing significant financial and reputational damage.
Credit unions must step up their defense against online menaces, plain and simple. The potential damage of a breached credit union system – such as compromised member data and identity theft, fraudulent transfers of funds, or unauthorized access to vendors and business partners – is just too great. And unfortunately, these worries are here to stay.
Matz offered several best practices and security protocols that all credit unions should initiate, such as vendor due diligence, strong password policies, proper patch management, employee training and network monitoring. But this isn’t enough. Credit unions also should follow the news, trends and emergence of new cyberthreats, making sure their vendors and business partners do the same. Finally, credit unions need to educate themselves, share their knowledge with others and keep this issue a top priority at industry-wide events.
I recognize that’s a lot for most credit unions to manage on their own because adequate risk-mitigation and security measures require the attention of top management, IT professionals and operational staff. If a credit union’s internal resources are limited, management should consider engaging third-party providers, who can offer critical guidance, expertise and resources.
Cyber threats are hitting closer to home every day. Whether they go it alone or seek outside support, credit unions must bolster their security posture and lower their overall level of risk. And they must do it soon.
Senior Consultant, Information Security Risk Management Services