Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
CUs prime targets for cyber fraud--CUNA Mutual webinar
MADISON, Wis. (2/16/12)--Financial services account for about 35% of records compromised by data breaches, according to a 2011 Verizon study. Increasingly, cyber thieves are concentrating on financial service organizations with 10 to 100 employees, the size of many credit unions, the study said.

"Credit unions seem to fit the bill that cyber thieves are targeting" said Ken Otsuka during a CUNA Mutual Group webinar,"Cyber Risks and the Data Breach Hot Seat" on Wednesday. "They are looking for the path of least resistance, which often leads to credit unions."

Otsuka, senior consultant for credit union protection at CUNA Mutual, provided advice on how credit unions can manage cyber/data breach risk.

Encryption is the best starting point to mitigate risk, Otsuka said. "Confidential data at any point should be encrypted," he said.

Encryption should be used to secure communications and data storage, authentication credentials and the transmission of sensitive information. Encryption can be used not only when sending e-mails but also within operating systems, data servers and file systems, Otsuka said.

Credit unions should employ a data loss prevention (DLP) solution, Otsuka said. A DLP helps organizations determine where confidential information is located on file servers and networks. It helps control access and security and distinguishes between authorized and unauthorized users.

For example, a DLP can send notification if an employee is attempting to download confidential data on a flash drive, Otsuka said.

Management of mobile technology also is a risk management area for credit unions, especially as credit unions increasingly use their personal smartphones for business purposes.

Encryption can help mitigate the risk presented by mobile technology, Otsuka said. Also, software is available password protects business data on mobile devices. Smartphones can attract viruses that could compromise business data, he added.

Credit unions are also increasingly providing their board members with tablets, which can download reports with confidential member data, Otsuka said. Again, encryption is an essential preventative. Tablets should be equipped with antivirus software and directors should be prohibited from downloading nonessential applications.

"There should be a corporate policy for the acceptable use of any mobile device," Otsuka said.
Other Resources


News Now LiveWire
About 1 in 5 #CUs offer credit-building loans,@SchenkMike @CUNA vice president of economics and statistics, told @CreditCardsCom
1 hour ago
RT @CUNA: DDoS attacks shorter, intense, more expensive: @VERISIGN HT @newsnowlivewire
1 hour ago
RT @CUNA: .@CUNACouncils launches new website. Offering site tours to current members. Check it out!
1 hour ago
.@Discover to support #ApplePay by fall HT @Forbes
3 hours ago
.@HUDgov requires investors to delay foreclosure for a year and offers a non-profit only pool sale
6 hours ago