CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • COVID-19
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Reading, writing, and ransomware
Technology Operations

Reading, writing, and ransomware

Security expert Theresa Payton warns credit union leaders about new cybersecurity dangers.

May 14, 2018
Bill Merrick
No Comments
Reading, writing, and ransomware

Attendees at immersion18 by Trellance got some homework assignments Thursday from a security expert and reality TV star.

Theresa Payton, the first woman to serve as White House chief information officer and star of the reality TV show, “Hunted,” warned credit union leaders about the new dangers they face.

“I want us to be smarter and safer,” says Payton, a former banker and lifelong credit union member. “The threats are changing every day.”

Her “homework” to help credit unions address today’s cybersecurity threats:

►Do a “walkabout” around your credit union. Ask staff what you do well and where you fall short when it comes to information security, and try to determine where employees have implemented workarounds to security procedures.

“We need to design systems for the human psyche,” Payton says. “When was the last time you did a walkabout to see if you’re losing the line of sight of your data?

“We’ve focused on protecting servers, data, the cloud, Internet of things, and on processes, but not the human psyche,” she adds. “The game has changed since we were busy securing components.”

►Think about logical and physical separation of zones of information. The White House, she says, had many "zones of information," mostly for  budget reasons.

Having separate zones of information for different functions allows organizations to “flip a kill switch” when fraudsters compromise a particular zone.

“Think about how to create different zones of information in the credit union,” Payton advises, “and where to put logical and physical zones of separation.

People overestimate their ability to spot phishing scams, she adds. “We all know there’s no Nigerian prince wanting to give us money. But hackers are becoming so smart.

“When we’re asked to do a social engineering ploy, we get in 100% of the time,” Payton says, referring to her company, Fortalice Solutions. “That includes the C-Suite and IT people.”

She suggests creating domain names for certain functions that are separate from your public-facing domain name to keep fraudsters at bay. “This will obfuscate yourself from the bad guys.”

►Take your digital security response planning to a whole new level. Ransomware is especially concerning today.

“This is like a hockey stick in my company right now,” Payton says. “We’ve helped customers recovery quickly because they had a plan in advance.”

She suggests practicing how to respond to a potential ransomware event, which often involves the loss of data.

“When you have a plan and practice it, the disaster will be a lot smaller and will be resolved faster,” Payton says. “It always takes 400% to 600% longer than anticipated to resolve these events because people don’t think through everything.”

KEYWORDS credit union cybersecurity ransomware technology

Post a comment to this article

Report Abusive Comment

Credit Union Magazine - Winter 2020

Winter 2020

Credit Union Magazine’s Winter 2020 edition features CUNA’s 2021 lending outlook, CEO insights on adjusting to the pandemic, and board recruitment strategies.
Digital Edition •  Subscribe

Trending

  • Compliance: 2020 Year in Review, Checklist now available

  • 5 fraud predictions for 2021

  • CUNA sends recommendations to incoming Biden administration

Tweets by CUNA_News

Polls

Will you ask employees to receive the coronavirus vaccine?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites
  • Privacy Policy

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors