CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • COVID-19
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » SPONSORED BY Arctic Wolf
Sponsored Content
Sponsored Content

Enhancing Detection Improves Credit Union Cybersecurity & Compliance

Detection is better than a cure, security expert says.

August 16, 2019
Todd Thiemann
No Comments
Enhancing Detection Improves Credit Union Cybersecurity & Compliance

Credit unions hold highly sensitive data such as members’ financial and personal information, but they typically lack the information technology (IT) budgets of larger banks and financial institutions.

This disparity makes them a ripe prospect for hackers, who will exploit this fact to gain access to credit union data.

Content Sponsored By:

Arctic Wolf

For example, Desjardins Group, a large federation of credit unions, just suffered a data breach that was one of the largest ever among Canadian financial institutions.

An employee improperly collected information about customers and shared it with a third party, leaking the details—including Social Security numbers, dates of birth, and email addresses—of roughly 2.7 million people and 173,000 businesses.

Analyst firm Gartner recently identified a new dynamic in security investments away from threat prevention and in favor of threat detection.

According to Gartner, “The shift in security investments from threat prevention to threat detection requires an investment in security operations centers (SOC) as the complexity and frequency of security alerts grow.”

Detection is better than a cure

While most credit unions have invested in protective measures like anti-malware and firewall products, the task of monitoring and detecting what inevitably slips through those protective layers poses an ongoing challenge.

Rapid detection can mean the difference between a compromise and a catastrophic breach. Quickly detecting the threat and breaking the attack kill chain leads to improved cybersecurity.

While larger financial institutions have the resources to establish a SOC, it can be a challenge for credit unions to budget for the eight to 12 security analysts needed for 24x7 monitoring and also bring in-house the required infrastructure like a security information and event management solution.

Typically, only large enterprise firms can afford the necessary people, processes, and technology that’s needed in the form of an on-premises SOC.

So, what’s the answer for credit unions? Think outsourced solutions.

A SOC-as-a-service gives you continuous monitoring and the necessary visibility into your network to improve your security posture and minimize threats. It includes security experts who triage alerts and only notify your own IT team when its involvement is absolutely necessary.

What's more, SOC-as-a-service solutions also help you meet industry-specific compliance needs, including NCUA guidance and PCI DSS requirements.

Seeing the threats

There are no silver bullets, but several steps can change the cybersecurity strategy from a system of protection to one of detection:

  • Educate: Regularly train and educate staff members on the tactics employed to breach systems and commit fraud.
  • Identify: Develop and implement an identity governance strategy to understand the assets you need to protect and identify bad actors before they breach the system.
  • Monitor: Maintain comprehensive and full visibility over all users, applications, and data, both on-premises and in the cloud.
  • Analyze: Analyze systems for a holistic understanding of vulnerabilities in the network that put both employees and clients at risk—and have a plan to fix them.
  • Vigilance: Be constantly vigilant. Monitor and stay prepared for when, not if, a breach happens.

By embracing the detection mantra, credit unions can better meet their cybersecurity and compliance challenges.

TODD THIEMANN is director, product marketing, at Arctic Wolf.

Post a comment to this article

Report Abusive Comment

Credit Union Magazine - Spring 2021

Spring 2021

Credit Union Magazine’s Spring 2021 edition features CUNA's 2021 advocacy agenda, strategic planning guidance, and labor market insights.
Digital Edition •  Subscribe

Trending

  • ‘More listening and less attacking’

  • Movement must focus on financial well-being for all

  • Why DEI matters to credit unions

Tweets by CUNA_News

Polls

Who should be the 2021 Credit Union Hero of the Year?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites
  • Privacy Policy

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors