Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Top priority for CUs must be cybersecurity, advises Council white paper
WESTBURY, N.Y. (7/16/14)--Unless the goal of protecting sensitive data is paramount to a credit union's operation, it's likely not doing enough, according to a new white paper released Tuesday by the CUNA Technology Council.

The paper discusses the importance of financial institutions making cybersecurity a top priority, while also outlining the value of educating members, protecting their information, communicating effectively should a breach occur and understanding cybersecurity laws and regulations.  

Called "Cybersecurity Preparedness: Taming the Shock and Awe of Big Breaches," it's the first white paper in a series of four scheduled for 2014 dedicated to security.  

"These big security leaks show we need to take cybersecurity preparedness seriously and do more," said Kevin Prince, principal technology strategist for D+H Compushare, a CUNA Strategic Services alliance provider. "You'll never be 100% secure, but you have to manage it as carefully as possible with the appropriate tools."

The paper first calls on Bill Podborny, chief security officer of $8.2 billion-asset Alliant CU in Chicago, to describe "cybersecurity preparedness." Podborny believes to be prepared means identifying vulnerabilities, understanding where attacks may come from, taking steps to lessen or eliminate exposure and being prepared to respond to any situation as quickly as possible.

Authors of the paper illustrate how to make cybersecurity preparedness a core function of the credit union with examples of what credit unions are already doing to keep security strong.

At Michigan Tech Employees FCU, Houghton, Mich., with $60 million in assets, for example, leaders have dedicated resources that work specifically to bolster security, an action recommended by many U.S. regulatory bodies.

"At a certain point it makes sense to separate these departments to ensure security resources don't diminish in times when the IT department is fighting for the same resources," said Justin Store, information technology services director at Michigan Tech Employees FCU.

Finally, to strengthen cybersecurity, Prince suggests credit unions should:
  • Realize what they're doing today likely isn't adequate, and won't be adequate tomorrow, as threats are constantly shifting and changing;
     
  • Conduct regular and thorough cybersecurity risk assessments and document the findings;
     
  • Mitigate risks as much as possible;
     
  • Stay on top of current threats and future trends in cybersecurity; and
     
  • Consider outsourcing to a community cloud arrangement for IT cybersecurity.
To download the white paper, use the link.
RSS print
News Now LiveWire
The Hill reports House Republicans plan to delay Aug. recess to stay in D.C. until they have enough votes to pass bill on border crisis.
7 hours ago
The FHLBs of Des Moines and Seattle announce they have entered into an exclusivity arrangement regarding potential merger of the 2 entities.
7 hours ago
SunCorp and @AlloyaCorp have announced their intent to merge.
10 hours ago
.@TheNCUA bars former employee of Southwest Communities FCU,Melissa Rosing,from work at any federally insured FI. http://t.co/owtVnPxVZT
10 hours ago
Fryzel added @TheNCUA is fed. governmt, thereby will B criticized, but always tried 2 do what is right. McWatters still 2 B sworn in.2of2
12 hours ago