As we enter the new decade, one thing is clear in cybersecurity: we aren’t going to see a reduction in the need to protect credit union’s assets and their member’s confidential information.
Cybercriminals continue to develop new, innovative ways to gain entry into credit union systems. In the old days, these attacks were like a smash-and-grab at a jewelry store; get in, get the goods and get out. Not anymore.
Today’s criminals are looking for ways to exploit the systems and users over a long period of time. In fact, studies have shown that many breaches have been inside networks for more than 180 days. That’s a lot of time to do malicious activities.
At the same time, we’re seeing a huge increase in the number of cybersecurity vendors in the market with point solutions to fix a single issue like endpoint detection. There are literally hundreds of point solution providers. Their approach is to be really good at the one thing they do.
However, using this approach opens credit unions to a host of unintended consequences. One of the key issues is the fragmented nature of trying to build a D.I.Y. security infrastructure. Trying to piece together the various solutions will come with unneeded overlaps of functionality and inherent gaps as well. This issue is compounded by the fact that each piece of technology will have its own user interface and reporting so the credit union security staff is now burdened with having to monitor and manage several vendor portals along with the myriad of alerts that are sometimes conflicting.
A better approach is to have an integrated solution where each technology builds on the others to give a seamless end-to-end view across perimeter devices, servers, email and endpoints with an intuitive portal so you have a single pane of glass to look at to get a view of your entire organization.
The benefits of this approach actually go much deeper. With cybersecurity technical resources being hard to come by, having your valuable resources spending time chasing false alerts leads to alert fatigue and burnout. The new ACET Examination Tool has over 500 questions and 200 requests for information. Trying to piece together this information in various formats from unique security tools adds complexity and workload to an already taxed group. Better to have integrated reporting that meets the regulatory compliance requirements all in one place.
An end-to-end cybersecurity infrastructure will also help your credit union move to the next level in your cybersecurity maturity with Managed Detection and Response. MDR brings together your threat intelligence, your monitoring and management of your cybersecurity infrastructure combined with expert, professional cybersecurity analysts to provide the human judgement needed to proactively identify threats and take preventative actions.
2020 will undoubtedly bring more cybersecurity challenges to credit unions but those with an integrated end-to-end cybersecurity infrastructure will be better prepared to meet these challenges and more likely to incent cybercriminals to ply their trade elsewhere.
KYLE BENSON is product marketing manager for SilverSky, a CUNA Strategic Services alliance provider.