‘Blended Threats’ Need Blended Protection

Combating these new, complex challenges faced by CUs requires intelligence sharing.

April 20, 2013

Threats faced by credit unions today have never been more sophisticated and complex.

Safeguarding information, accounts, systems, and processes is increasingly challenging to manage as these threats evolve into “blended threats”—the merging of traditional and new risks.

While the traditional risks continue, the growing concern is over these combined, more intelligent, and advanced attacks that exploit a mix of physical, fraud, business continuity, and digital avenues.

Criminals combine malware, phishing, and sophisticated social engineering strategies to effectively evade defense strategies. These attacks are effective because many audit processes lag behind in detecting gaps that stretch across various departments.

Combating these new threats requires intelligence sharing. A coordinated approach has a better chance of addressing gaps and, better yet, discovers new gaps. To accomplish this, credit unions must improve their data visibility across multiple sources to enable greater identity capabilities.

A good place to start is in the risk assessment stage, collectively identifying current capabilities and gaps. Various teams can then work collaboratively to design solid security measures to mitigate exposure risk.

Organizations might have many approaches in how to bring these various disciplines together to work as a cohesive unit. Some might consolidate risk groups under a single management structure and others might introduce independent audit or risk management groups to look across different areas.

While one size might not fit all, one thing is for sure: Each team must work closely with each other, effectively communicate, and collectively define processes to identify and close gaps.

By the CUNA BITS Liaison Task Force.