X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.

SAN ANTONIO – The tech-heads in credit unions may have no problem sifting through security assessment reports full of wild acronyms and tech jargon, but board members and non-tech management personnel can’t make heads or tails of it. That’s an issue CU security firm Digital Defense is out to fix. With IT security permeating every aspect of a CU, CU directors and management members are being called on to become more involved in ensuring the CU’s electronic systems are secure. This isn’t just good management, it’s being mandated by NCUA, mostly through carrying out Gramm Leach Bliley. Digital Defense’s new Frontline 2.0 security subscription solution has been designed with tech and non-tech personnel in mind by providing plain language security assessments that can be drilled down deeper for the more specific, technical aspects, said Joe Cooper, president/CEO of Digital Defense. Cooper said a tech professional that needs more money or resources to ensure the CU’s electronic security, is going to have to provide reasons why in language that the board or CEO can understand. Frontline 2.0 gives management a big picture look at where the CU stands from a security standpoint. For example, the Network Risk at a Glance report can be presented in a variety of graphical reports to give senior decision makers a high-level overall look at the CU’s security. (See graphics). Management can see how many vulnerabilities exist in a system, how severe they are, what kind of manpower time they are taking to fix, and a host of other details that give management a wide-angle view to make decisions. “Let’s say I had a system with 10 problems and I applied nine patches in one month. Then next month there are 10 more problems with the same system. That system may have chronic vulnerability syndrome, and these reports will give management cost justification to re-evaluate the system and consider replacing it,” said John Turner, a co-founder of Digital Defense. Frontline 2.0 also provides a workflow update on all vulnerabilities. The system tells the IT department where a vulnerability is, and logs when it was fixed and by whom. Turner said this allows an IT admin employee to document when and how fixes are being done, which can be a valuable human resource tool. “If a fix is five minutes for one guy, and five hours for another, maybe I have a training issue for the guy taking five hours. Or maybe the guy doing it in five minutes isn’t doing it correctly,” said Turner, who took Credit Union Times through a guided demo of the new solution. Once a vulnerability is patched, the system retests it before giving it the all-clear. “You ever hear the saying, `in god we trust, in all others we verify.’ That’s this system, it doesn’t believe that fixes have been completed, it verifies that they’ve been completed,” said Turner. Costs vary per subscription depending on how often Digital Defense is performing scans. A small CU might opt for the $5,000 annual subscription which officers them 125 IP scans a year. On the high end, a CU can get 10,000 scans a year for about $4,600 a month. There are a number of price plans in between these two extremes. It also has on-demand IP scanning where the CU can dictate when systems are scanned. The scans can be performed for internal networks as well. The Frontline subscription also catalogs the types of operating systems and software being used at a CU and creates a list of potential vulnerabilities by solution. Frontline also rates vulnerabilities as either critical, high, medium or low to give the CU a feel for the severity of any vulnerabilities. NCUA now performs E-commerce exams (EC1, EC2) on CUs that are operating online. The hordes of reports now available in Frontline 2.0 can be presented to regulators that are considering looking more closely at a CU’s security status, said Turner. Turner said Digital Defense can’t take all the credit for the high level look his firm is now giving credit union management, because it was the firm’s CU clients that demanded it. “Before this there was no vulnerability management, no trend analysis, no customized reporting. 2.0 is a huge quantum leap. We’ve taken it to a level now where a manager person might be able to oversee the system.” [email protected]

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including Law.com and GlobeSt.com.

Already have an account?

 

Credit Union Times

Join Credit Union Times

Don’t miss crucial strategic and tactical information necessary to run your institution and better serve your members. Join Credit Union Times now!

  • Free unlimited access to Credit Union Times' trusted and independent team of experts for extensive industry news, conference coverage, people features, statistical analysis, and regulation and technology updates.
  • Exclusive discounts on ALM and Credit Union Times events.
  • Access to other award-winning ALM websites including TreasuryandRisk.com and Law.com.

Already have an account? Sign In Now
Join Credit Union Times
Live Chat

Copyright © 2022 ALM Media Properties, LLC. All Rights Reserved.