Thank you for sharing!

Your article was successfully shared with the contacts you provided.

EL SEGUNDO, Calif. – Xerox Federal Credit Union is keeping a constant watch on its IT security with a broad-based solution that’s also found its way into high-end users such as the Pentagon and the U.S. Treasury. Xerox FCU is using IT risk assessment software from Xacta Corp. to get a round-the-clock, system-wide look at its security posture while complying with industry best practices and standards and NCUA regulations. Xacta, a subsidiary of Telos Corp., is a suburban Washington-based provider of what it says is the industry’s first automated enterprise risk assessment and management solution “to go beyond compliance with information security regulations and best practices to assessing and managing risk posture on an ongoing basis,” says Emmett Wood, Xacta’s director of credit union sales. The software automatically detects what software systems are in place, runs tests against the architecture for security weaknesses and backdoors, and provides updates about potential problems, the company says. A new offering also includes the capability to automatically trigger remediation measures ranging from e-mail alerts to integrated patch deployments. “It’s no longer enough to perform a security audit periodically,” Wood says. “Given the evolving threats, constant security diligence is a must, and an automated security offering helps the overtaxed technology employees.” Available as an ASP or in-house deployment, the software also automatically generates process documentation to help credit unions ensure compliance with NCUA Regulation Part 748 and other industry standards such as BS 7799/ISO7799 and the Gramm-Leach-Bliley Act, the company says. There are 20 credit unions among Xacta’s 250-plus clients, the company says, including Xerox FCU, United Nations FCU, Affinity FCU, U.S. Senate FCU, Congressional FCU and Kaiperm FCU. At Xerox FCU, the Xacta solution segues with dual firewalls from Cisco, Norton anti-virus software and GFI e-mail filtering, among other protections. “We also still do periodic external penetration tests to help ensure security in addition to the continuous monitoring from Xacta,” says Bill Cheney, president/CEO of $765 million, 77,000-member Xerox FCU in El Segundo, Calif. “At the time we chose Xacta, we knew of no other product like it,” Cheney says. “We can assess our systems for vulnerabilities on a frequent basis, which is important since changes are happening to the network on an almost continuous basis. Sometimes those changes introduce new vulnerabilities that can now identify and correct quickly.” Depending on the deployment, a client typically spends $7,500 to $85,000 on an Xacta solution, the company says. Countering that, it says, are reducing things like the time it takes to perform security testing and analysis from about an hour per server to a minute per server, and reducing the time it takes to create a security test plan from 320 hours to a single hour. “We found that we would break even on costs for the Xacta system after about one year and enjoy weekly assessments instead of semi-annual assessments,” Cheney said, adding that benefits also include some intangibles. “It’s difficult to measure the ROI on ongoing maintenance and staff costs because we’ll never know how many times an attempted hack – or virus, worm or Trojan horse – was thwarted,” Cheney says. “We understand just how devastating the impact is on a credit union that finds itself in a situation where it must inform its members that information was compromised or perhaps that the server was successfully brought down by an attack,” the credit union CEO says. “That’s something we don’t want to have happen to us.” -

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including Law.com and GlobeSt.com.

Already have an account?


Credit Union Times

Join Credit Union Times

Don’t miss crucial strategic and tactical information necessary to run your institution and better serve your members. Join Credit Union Times now!

  • Free unlimited access to Credit Union Times' trusted and independent team of experts for extensive industry news, conference coverage, people features, statistical analysis, and regulation and technology updates.
  • Exclusive discounts on ALM and Credit Union Times events.
  • Access to other award-winning ALM websites including TreasuryandRisk.com and Law.com.

Already have an account? Sign In Now
Join Credit Union Times
Live Chat

Copyright © 2022 ALM Media Properties, LLC. All Rights Reserved.