As executive vice president of enterprise risk management and chief risk officer at $8.4 billion asset San Diego County Credit Union (SDCCU), Carolyn Kissick battles threats on many fronts.

The San Diego Business Journal recognized Kissick as one of its Business Women of the Year.

Which initiatives contributed to you winning the award?

Carolyn Kissick: I lead all credit union efforts to minimize risks that could threaten the organization’s productivity and profitability, including partnering with SDCCU’s regulatory compliance team to ensure the credit union is prepared for elevated requirements that will take effect when the organization reaches $10 billion in assets.

I work to ensure data is kept confidential and secure. This includes promoting October Cybersecurity Month to SDCCU’s 900-plus employees, educating them about threats that could compromise access to credentials.

I also work with authorities at all levels to thwart and catch bad actors, and I oversee risk monitoring of more than 418,000 accounts.

How do you communicate the importance of risk management?

Kissick: I work with SDCCU’s executive leadership team and many internal and external departments to ensure we balance decisions with potential technical, regulatory, and competitive risks, and establish effective policies and procedures.

I also take steps to strengthen SDCCU security as it relates to information security and fraud risk prevention, which includes employee and member education.

What is one of the biggest risks facing credit unions?

Kissick: It is imperative to remain vigilant against fraudsters and phishing. Fraudsters are getting savvier with their approach to phishing attacks, and they continue to target and victimize vulnerable populations.

Protecting against both is a top priority for SDCCU, and we take a comprehensive approach, using solid infrastructure and ongoing education.

How do you see security threats evolving in the future?

Kissick: I see them continuing. Criminals will continue to find ways to break through vulnerable targets.

What advice do you have about managing risk?

Kissick: Stay on top of emerging risks and threats. I spend a lot of my time reading and educating the executive leadership team on any and all threats that are out there.