While board members don't have to be experts in cyber threats and the defenses available to fight them, they are responsible for the direction the credit union takes when ensuring adequate security measures are in place.
“The fearful phrase is the board is effectively responsible for everything,” says David Reed, attorney, consultant, and trainer with Reed and Jolly PLLC. “The board is the top of the decisional food chain.”
That means the board must be aware of the rules, regulations, and laws that affect the credit union, and ensure the credit union takes the appropriate steps to comply with these rules and maintains adequate security measures, Reed says.
Reed talks about the board’s role in cybersecurity, the lack of a national cybersecurity standard, challenges that cybersecurity threats present, and more in this episode of the CUNA News Podcast.
He addressed the CUNA Regulatory Compliance Certification School in Louisville, Ky.