CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » SPONSORED BY Arctic Wolf
Sponsored Content
Sponsored Content

Enhancing Detection Improves Credit Union Cybersecurity & Compliance

Detection is better than a cure, security expert says.

August 16, 2019
Todd Thiemann
No Comments
Enhancing Detection Improves Credit Union Cybersecurity & Compliance

Credit unions hold highly sensitive data such as members’ financial and personal information, but they typically lack the information technology (IT) budgets of larger banks and financial institutions.

This disparity makes them a ripe prospect for hackers, who will exploit this fact to gain access to credit union data.

Content Sponsored By:

Arctic Wolf

For example, Desjardins Group, a large federation of credit unions, just suffered a data breach that was one of the largest ever among Canadian financial institutions.

An employee improperly collected information about customers and shared it with a third party, leaking the details—including Social Security numbers, dates of birth, and email addresses—of roughly 2.7 million people and 173,000 businesses.

Analyst firm Gartner recently identified a new dynamic in security investments away from threat prevention and in favor of threat detection.

According to Gartner, “The shift in security investments from threat prevention to threat detection requires an investment in security operations centers (SOC) as the complexity and frequency of security alerts grow.”

Detection is better than a cure

While most credit unions have invested in protective measures like anti-malware and firewall products, the task of monitoring and detecting what inevitably slips through those protective layers poses an ongoing challenge.

Rapid detection can mean the difference between a compromise and a catastrophic breach. Quickly detecting the threat and breaking the attack kill chain leads to improved cybersecurity.

While larger financial institutions have the resources to establish a SOC, it can be a challenge for credit unions to budget for the eight to 12 security analysts needed for 24x7 monitoring and also bring in-house the required infrastructure like a security information and event management solution.

Typically, only large enterprise firms can afford the necessary people, processes, and technology that’s needed in the form of an on-premises SOC.

So, what’s the answer for credit unions? Think outsourced solutions.

A SOC-as-a-service gives you continuous monitoring and the necessary visibility into your network to improve your security posture and minimize threats. It includes security experts who triage alerts and only notify your own IT team when its involvement is absolutely necessary.

What's more, SOC-as-a-service solutions also help you meet industry-specific compliance needs, including NCUA guidance and PCI DSS requirements.

Seeing the threats

There are no silver bullets, but several steps can change the cybersecurity strategy from a system of protection to one of detection:

  • Educate: Regularly train and educate staff members on the tactics employed to breach systems and commit fraud.
  • Identify: Develop and implement an identity governance strategy to understand the assets you need to protect and identify bad actors before they breach the system.
  • Monitor: Maintain comprehensive and full visibility over all users, applications, and data, both on-premises and in the cloud.
  • Analyze: Analyze systems for a holistic understanding of vulnerabilities in the network that put both employees and clients at risk—and have a plan to fix them.
  • Vigilance: Be constantly vigilant. Monitor and stay prepared for when, not if, a breach happens.

By embracing the detection mantra, credit unions can better meet their cybersecurity and compliance challenges.

TODD THIEMANN is director, product marketing, at Arctic Wolf.

Post a comment to this article

Report Abusive Comment

Credit Union Magazine: Winter 2022

Winter 2022

Credit Union Magazine’s Winter 2022 issue highlights data-driven marketing, the board’s role in cybersecurity, elder abuse scams, credit unions’ auto lending advantage, and more.
Digital Edition •  Subscribe

Trending

  • CFPB issues CUNA-opposed proposal on credit card late fees

  • Auto lending report shows significant credit union member savings

  • 2023 Credit Union Hero of the Year voting open

Tweets by CUNA_News

Polls

Vote for the 2023 CU Hero of the Year

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us