Three IT Security Solutions added to CUNA/Trace Alliance
Includes TraceSecurity’s Risk Manager, IT Security Audit Manager, and Computer Forensics Investigation

May 6, 2008

FOR IMMEDIATE RELEASE
Contact: Katye Long
CUNA Communications; (608) 231-4038
klong@cuna.coop

MADISON, Wis. - Credit unions can perform in-house risk assessments, prepare for technology audits, and find out how and why a security breach occurred with three products that were recently added to the CUNA Strategic Services, TraceSecurity alliance agreement.

Conduct regularly-scheduled in-house information risk assessments that meet regulatory requirements with TraceSecurity Risk Manager. This Web-based solution examines safeguards, vulnerabilities, threats, asset information, and loss expectancies, allowing credit unions to assess focus areas to determine their overall risk. They can then quickly determine the proper controls to implement on specific assets, based on their use and risk. Risk Manager automates the assessment process, and it is continuously updated with new threat and expanded safeguards.

Credit unions can more efficiently prepare for regulatory information technology (IT) audits with the TraceSecurity IT Security Audit Manager (TS-ITSAM). First, any data related to governance, policies, and procedures is quickly compiled and evaluated. These business and regulatory standards are then analyzed against organizational standards and regulatory controls. TS-ITSAM aligns closely with Federal Financial Institutions Examination Council (FFIEC) audits and simplifies the audit process by placing exhaustive audit domains into manageable segments to speed up the audit process. The audit results are condensed into an executive summary or a traditional reporting format, such as the FFIEC Information Security Workprogram Audit Sheet.

Finally, credit unions that have experienced a breach can find out who did it and how with Computer Forensics Investigation. Using both proprietary and open source software, a team of experts conducts a comprehensive forensic analysis of a credit union’s computers, firewall, electronic data, and other components of its IT infrastructure to identify and garner evidence of how a breach occurred. It even extends beyond external breaches to organizational data and computer misuse, theft by fraud, and compliance. After the analysis, a detailed report on the findings can be used to support or refute legal proceedings, make determinations of computer misuse, assist internal investigations, and provide other forms of electronic discovery.

For more information, visit strategicservices.cuna.org and select the TraceSecurity link, or contact Deb Bergenske, associate product manager for CUNA Strategic Services, at (800) 356-9655, ext. 4340, or by e-mail at dbergenske@cuna.coop.

###

About CUNA Strategic Services

CUNA Strategic Services Inc., owned jointly by Credit Union National Association (CUNA) and the state leagues, provides credit unions with access to high quality products, services, and technologies delivered with a competitive advantage made possible through volume pricing and strategic program development. CUNA serves 90 percent of America’s 8,500 credit unions, which are owned by more than 90 million consumer members. Credit unions are not-for-profit cooperatives providing affordable financial services to people from all walks of life. For more information, visit strategicservices.cuna.org.

About TraceSecurity

TraceSecurity is a leading provider of security compliance and risk management solutions. The company helps organizations of all sizes to achieve, maintain, and demonstrate security compliance while significantly improving their security posture. Key to TraceSecurity’s success is the company’s comprehensive patent-pending methodology that helps clients address all of the critical components of a successful security compliance program: people, process, and technology.

TraceSecurity delivers its solutions through an integrated software-as-a-service platform backed by expert professional services and comprehensive security awareness programs. The company’s flagship offering, TraceCompliance Manager, is the first comprehensive solution to automate regulatory compliance audits, board-level reporting, policy management, vulnerability assessment, and employee education and testing. The company’s expert professional services include on-site risk assessments, security audits, and social engineering. The security awareness programs include an exhaustive set of standard offerings as well as custom designed courses. With more than 700 clients, TraceSecurity supports the risk management and security compliance efforts of organizations in financial services, health care, insurance, government, and other regulated sectors. For more information, visit www.tracesecurity.com.

Copyright © 2008 - Credit Union National Association, Inc.