Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
CUs prime targets for cyber fraud--CUNA Mutual webinar
MADISON, Wis. (2/16/12)--Financial services account for about 35% of records compromised by data breaches, according to a 2011 Verizon study. Increasingly, cyber thieves are concentrating on financial service organizations with 10 to 100 employees, the size of many credit unions, the study said.

"Credit unions seem to fit the bill that cyber thieves are targeting" said Ken Otsuka during a CUNA Mutual Group webinar,"Cyber Risks and the Data Breach Hot Seat" on Wednesday. "They are looking for the path of least resistance, which often leads to credit unions."

Otsuka, senior consultant for credit union protection at CUNA Mutual, provided advice on how credit unions can manage cyber/data breach risk.

Encryption is the best starting point to mitigate risk, Otsuka said. "Confidential data at any point should be encrypted," he said.

Encryption should be used to secure communications and data storage, authentication credentials and the transmission of sensitive information. Encryption can be used not only when sending e-mails but also within operating systems, data servers and file systems, Otsuka said.

Credit unions should employ a data loss prevention (DLP) solution, Otsuka said. A DLP helps organizations determine where confidential information is located on file servers and networks. It helps control access and security and distinguishes between authorized and unauthorized users.

For example, a DLP can send notification if an employee is attempting to download confidential data on a flash drive, Otsuka said.

Management of mobile technology also is a risk management area for credit unions, especially as credit unions increasingly use their personal smartphones for business purposes.

Encryption can help mitigate the risk presented by mobile technology, Otsuka said. Also, software is available password protects business data on mobile devices. Smartphones can attract viruses that could compromise business data, he added.

Credit unions are also increasingly providing their board members with tablets, which can download reports with confidential member data, Otsuka said. Again, encryption is an essential preventative. Tablets should be equipped with antivirus software and directors should be prohibited from downloading nonessential applications.

"There should be a corporate policy for the acceptable use of any mobile device," Otsuka said.
Other Resources


News Now LiveWire
.@MECreditUnions announces winner of @YoungFreeME #SoundOff contest. @Sassquatch_Band will play Old Port Festival in June @PDD_Downtown
16 hours ago
House Financial Services Com. to hold March 3 hearing to receive the semi-annual report of @CFPB Director Richard Cordray.
16 hours ago
Rep. Jeff Miller (R-Fla.) re-introduced bill to ease veterans' access to loans for #smallbusiness purposes from a #creditunion (HR 1133)
18 hours ago
You can get your subscription to @cuna 's free, daily, online #creditunion #news service News Now here:
18 hours ago
CCUA hosts @TheNASCUS college for #creditunion directors
21 hours ago