Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
CUs prime targets for cyber fraud--CUNA Mutual webinar
MADISON, Wis. (2/16/12)--Financial services account for about 35% of records compromised by data breaches, according to a 2011 Verizon study. Increasingly, cyber thieves are concentrating on financial service organizations with 10 to 100 employees, the size of many credit unions, the study said.

"Credit unions seem to fit the bill that cyber thieves are targeting" said Ken Otsuka during a CUNA Mutual Group webinar,"Cyber Risks and the Data Breach Hot Seat" on Wednesday. "They are looking for the path of least resistance, which often leads to credit unions."

Otsuka, senior consultant for credit union protection at CUNA Mutual, provided advice on how credit unions can manage cyber/data breach risk.

Encryption is the best starting point to mitigate risk, Otsuka said. "Confidential data at any point should be encrypted," he said.

Encryption should be used to secure communications and data storage, authentication credentials and the transmission of sensitive information. Encryption can be used not only when sending e-mails but also within operating systems, data servers and file systems, Otsuka said.

Credit unions should employ a data loss prevention (DLP) solution, Otsuka said. A DLP helps organizations determine where confidential information is located on file servers and networks. It helps control access and security and distinguishes between authorized and unauthorized users.

For example, a DLP can send notification if an employee is attempting to download confidential data on a flash drive, Otsuka said.

Management of mobile technology also is a risk management area for credit unions, especially as credit unions increasingly use their personal smartphones for business purposes.

Encryption can help mitigate the risk presented by mobile technology, Otsuka said. Also, software is available password protects business data on mobile devices. Smartphones can attract viruses that could compromise business data, he added.

Credit unions are also increasingly providing their board members with tablets, which can download reports with confidential member data, Otsuka said. Again, encryption is an essential preventative. Tablets should be equipped with antivirus software and directors should be prohibited from downloading nonessential applications.

"There should be a corporate policy for the acceptable use of any mobile device," Otsuka said.
Other Resources

RSS print
News Now LiveWire
Large CU stress testing on the agenda for the April @theNCUA open meeting http://t.co/2TUcnmCmPi
3 hours ago
#FinancialLiteracyMonth Test your college financial aid knowledge @nasfaa http://t.co/xgrDmHaw8W
11 hours ago
Join @theNCUA #NCUAchat with @KenWortheyJr on April 23 from 11am to 12pm EST http://t.co/TnNmfFh4Nl #FinancialLiteracyMonth
13 hours ago
Maine's patent troll bill has become law. Read more in Monday in @NewsNowLiveWire
15 hours ago
Wash. DFI discusses serving legal marijuana businesses with @NWCUA http://t.co/3kw79HJUYF
15 hours ago