NEW YORK (7/2/13)--With data breach trends exponentially growing and becoming more frequent, cyber security is a topic that every credit union is being forced to address and take seriously.
During Monday's Cybersecurity session at the America's Credit Union Conference, John Mullen Sr. of Nelson Levine de Luca and Hamilton, and Mark Greisiger, president of NetDilligence, reported data breaches jumping from 1,100 in 2004 to 2,600 in 2012.
They outlined the main threats from data breaches in two categories, non-malicious and malicious.
Non-malicious threats include staff mistakes such as losing a laptop, marketing mishaps, innocent customer data leaks and networking operations. Malicious threats include stealth hackers, rogue contractors or a breach from a planned hack on a system. Non-malicious are the most common, they said.
Common issues with data breaches are decentralized information technology (IT) operations, hacking (SQL injections), the common loss of a laptop with client data, loss of backup tape,, staff mistakes and breaches of vendor and business partners.
"I hear all the time from credit unions that they believe they are too small for someone to want to hack into their systems," Mullen said. "What they don't realize is they aren't dealing with Bill Gates sitting in his garage planning and plotting his attack. Hackers use programs which provide information about which systems they will be able to attack successfully."
He went on to stress that although protecting the credit union from data breaches and cybersecurity attacks can be very expensive, it is a precaution that is necessary. With the average cost of a breach claim totaling $1 million, it is worth investing in educating the credit union's IT personnel on how to handle and prevent these attacks as well as allowing a third party to double check that the credit union's preventative measures are successful, he concluded.