According to Federal Reserve Chairman Jerome Powell, cyber risk is one of the foremost threats to our global financial system. This is an important statement given the current pandemic and other issues facing our global economy.
Credit unions understand this reality as they face a constant bombardment of threat actors seeking to exploit vulnerabilities and breach these important institutions. To effectively manage this risk and reduce damage caused by a data breach, ransomware attack, or other form of cybercrime, there are three specific priorities credit unions can address immediately.
First, cybersecurity should be viewed as an enterprise risk and demand the attention of the most senior executives—starting with the CEO. As the highest-ranking executive in charge, CEOs set the priorities to reach specific business objectives and drive success for all members. CEOs should create a culture of security from the top down, aligning departments and operations within a cybersecurity risk management framework to properly address threats that could impact critical operations and business objectives.
Second, leaders should conduct an independent assessment of their cybersecurity programs. To improve security, you must first know the strengths and weaknesses of your own programs. While you may have a talented team, bias exists when progress is communicated up the leadership chain. An independent assessment:
Finally, equip your credit union with the ability to quickly detect threats and indicators of compromise and have plans in place to remediate them quickly. Credit unions must gather, analyze, and monitor information on threats and vulnerabilities affecting their organizations:
Continuous monitoring of network operations, along with a regularly updated and exercised incident response plan based on industry best practices, can ensure your credit union is prepared to act quickly and avoid disaster.
Ask crucial questions to better understand your credit union’s level of security—and better protect your members’ sensitive data and critical financial operations. With more informed and meaningful conversations about the effectiveness of your enterprise risk management program, you can take the right steps to mitigate threats.
Learn the most critical questions every credit union leader should ask about their cybersecurity risk management programs. Join us for a webinar on Wednesday, May 12, at 11 a.m. CST.
PETE CORDERO is managing director for professional services at Cyber Defense Labs.