Five Cyber Security Considerations for CUs

Even small financial institutions are big targets for hackers.

July 16, 2014
KEYWORDS hacker , security
/ PRINT / ShareShare / Text Size +


While limited budgets and a lack of information technology (IT) resources often hinder what security products, services, and practices credit unions can put forth, a comprehensive security approach that bolsters defenses and ensures business and member data remains safe and compliant is not out of reach.

Budgets control many aspects of our business and personal lives, yet somehow we manage, right? Think of security as something you can achieve regardless of what you can spend on it and how many experts you have in your organizations that can dedicate mind share and energy to it.

Here are five considerations to help you inherit this mindset and achieve premier security:

1. Use your budget wisely

Mike Flouton
Mike Flouton

When looking for security products and services, seek out tools that can help with more than one of the bases you have to cover.

If you need a secure email hosting provider, for example, look for one that also ensures compliance of any communications traveling into or out of your organization.

2. Don’t be fooled by FUD—fear, uncertainty, and doubt

Many security vendors enforce scare tactics to convince you to buy the most expensive and up-to-date security tools. Some vendors even put forth FUD about what they deem to be inadequate solutions.

Don’t get caught in the mess and gossip. If you are working with a vendor that is not transparent with you when things go wrong—because they do—it may be time to reconsider that relationship.

As my SilverSky colleague Andrew Jaquith has said time and time again, vendors must foster ongoing, truthful communication and action when any issues occur: “Transparency is absolutely critical in building trust between customer and provider.”

3. Look for a partner in your security vendor

A 100% prevention-focused program won’t succeed in this age of sophisticated threats and evolving hacker methods.

Find a security vendor that offers 24/7/365 support from security experts who monitor threats and analyze all security alerts and incidents on your network.

4. Don’t underestimate your risk factor

Sure, you may be a small financial institution compared to some of the world’s largest banks. But the second you underestimate the level of risk your business faces is probably the moment a hacker breaks in and steals sensitive information.

Among the 925 financial institutions we evaluate in our semi-annual threat report, one of our mid-size credit union customers experienced the most security incidents in a six-month period—42 incidents in total.

Moreover, five of the top six organizations in terms of number of incidents were also credit unions; one large, two mid-size, and two small credit unions.

5. Collaborate across IT and other business units

IT and security departments should stay in constant communication with other business units.

Why? To ensure best practices are being exercised across the business and to make sure that performance and customers are not negatively affected by any projects taking place in IT.

One of our credit union customers shared with us that during a large IT overhaul project, he held regular meetings with representatives from each department to ensure they were up to speed on efforts to fulfill rigorous security and regulatory requirements while reducing the cost and time associated with achieving these goals.

Representatives from each business unit were responsible for updating colleagues in their departments and reporting back with questions, feedback, and/or concerns.

MIKE FLOUTON is vice president of product marketing for SilverSky, a CUNA Strategic Services alliance provider.

Post a comment to this story

What's Popular

Popular Stories

Recent Discussion

Who Should Be the 2015 CU Hero of the Year?

View Results Poll Archive