Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Top priority for CUs must be cybersecurity, advises Council white paper
WESTBURY, N.Y. (7/16/14)--Unless the goal of protecting sensitive data is paramount to a credit union's operation, it's likely not doing enough, according to a new white paper released Tuesday by the CUNA Technology Council.

The paper discusses the importance of financial institutions making cybersecurity a top priority, while also outlining the value of educating members, protecting their information, communicating effectively should a breach occur and understanding cybersecurity laws and regulations.  

Called "Cybersecurity Preparedness: Taming the Shock and Awe of Big Breaches," it's the first white paper in a series of four scheduled for 2014 dedicated to security.  

"These big security leaks show we need to take cybersecurity preparedness seriously and do more," said Kevin Prince, principal technology strategist for D+H Compushare, a CUNA Strategic Services alliance provider. "You'll never be 100% secure, but you have to manage it as carefully as possible with the appropriate tools."

The paper first calls on Bill Podborny, chief security officer of $8.2 billion-asset Alliant CU in Chicago, to describe "cybersecurity preparedness." Podborny believes to be prepared means identifying vulnerabilities, understanding where attacks may come from, taking steps to lessen or eliminate exposure and being prepared to respond to any situation as quickly as possible.

Authors of the paper illustrate how to make cybersecurity preparedness a core function of the credit union with examples of what credit unions are already doing to keep security strong.

At Michigan Tech Employees FCU, Houghton, Mich., with $60 million in assets, for example, leaders have dedicated resources that work specifically to bolster security, an action recommended by many U.S. regulatory bodies.

"At a certain point it makes sense to separate these departments to ensure security resources don't diminish in times when the IT department is fighting for the same resources," said Justin Store, information technology services director at Michigan Tech Employees FCU.

Finally, to strengthen cybersecurity, Prince suggests credit unions should:
  • Realize what they're doing today likely isn't adequate, and won't be adequate tomorrow, as threats are constantly shifting and changing;
     
  • Conduct regular and thorough cybersecurity risk assessments and document the findings;
     
  • Mitigate risks as much as possible;
     
  • Stay on top of current threats and future trends in cybersecurity; and
     
  • Consider outsourcing to a community cloud arrangement for IT cybersecurity.
To download the white paper, use the link.
RSS





print
News Now LiveWire
Sony hack linked to N. Korea, says U.S.intelligence via @nytimes http://t.co/fE3PtMgEFz
7 hours ago
.@CUNAMutualGroup Klewin shares final thoughts, forecast on lending regulations with @cumagazine before retiring http://t.co/v78QY3QwqB
10 hours ago
Current @CUNA COO @JillTomalin promoted to deputy chief of staff
10 hours ago
#CU Effect:@ChartwayFCU 'branch of the future' 2 benefit members, staff. 2nd installment of new News Now series here:http://t.co/ImBY4nupEj
11 hours ago
U.K. regulators have given formal authorization for the @c_of_e to form a #creditunion.
11 hours ago