DEFENSESTORM BLOG
3 Ways to Improve Your Credit Union’s Cybersecurity
Tuesday, November 2nd, 2021
DEFENSESTORM BLOG
Tuesday, November 2nd, 2021
With increased digitization in everyday life, financial institutions know that strong cybersecurity is critical.
With increased digitization in everyday life, financial institutions know that strong cybersecurity is critical. Rapidly evolving technology and subsequent security measures must align, but how can credit unions do more to improve their cybersecurity maintenance?
Years ago, anything related to technology siloed in the IT department. Now, everyone from risk teams, top-level management, and front-line employees needs to possess at least a general awareness of how criminals can infiltrate their systems. Structural changes and cross-team collaboration are necessary to continue cybersecurity improvements across a credit union’s entire network.
For example, a chief information security officer set up a VPN (virtual private network) for more employees of her bank to work from home when the coronavirus pandemic hit. As a part of the rollout, a multi-factor authentication upgrade was introduced, which she feared would cause substantial backlash. “I expected a lot more pushback from the team,” she said, “and got none. Everyone, including the displaced tellers, were receptive and understanding of the need for better remote access security.”
Cybersecurity implementation requirements have become clearer for credit unions. The Cybersecurity Assessment Tool created by the Federal Financial Institutions Examination Council provides guidelines to help credit unions determine their cybersecurity readiness, such as ability to identify and control causes of a cyberattack and ensure proper threat assessment. While the CAT framework itself is voluntary, ensuring your credit union is in compliance with it is an excellent start.
As more financial institutions turn toward cloud-based services, the growth of cyberattacks aimed at the cloud has increased. One area in particular that has created major cybersecurity problems for financial institutions has been small fintech partners that could struggle to maintain cybersecurity compliance, or are not always transparent with clients. If your credit union plans to make the cloud a part of your business, vet them vigorously.
Credit unions must stay vigilant about cybersecurity and ensure everyone from staff to third-party vendors is on the same page when it comes to guidelines and regulations. As long as everything and everyone is kept up-to-date, you will have fewer reputation risk concerns, so you can carry on with serving your members.
Bob Thibodeaux
Chief Information Security Officer
Bob has more than 25 years of experience as a senior security expert and highly accomplished IT executive and engineer. Through leadership positions managing IT departments and programs, technology operations and data center operations, Bob has driven innovative process improvements, disaster recovery programs, information security strategies, and audit and compliance improvements. He has been responsible for incident response, risk management and penetration testing for community-focused banks, credit unions and high-tech companies across the United States. Bob is a Certified Information Systems Security Professional, Digital Forensics Examiner and GIAC Penetration Tester. Bob holds a degree in Business and Management from the University of Maryland and is a retired USAF Senior Master Sergeant.