CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » Educating boards on cybersecurity
Technology

Educating boards on cybersecurity

Snapshots, presentations, and reports among the ways IT professionals provide information.

September 22, 2021
Jennifer Plager
No Comments
2021_09_Educating-boards_119895
It’s crucial to inform the board about cybersecurity threats, according to a panel of information technology leaders.

When the latest ransomware, phishing, or malware attack makes the news, information technology (IT) professionals know that boards will want to know how it will impact the credit union.

“Cyberthreats are always in the news,” says Mark Reed, senior vice president, technology, at $9 billion asset American Airlines Federal Credit Union in Fort Worth, Texas. “Boards want to know and have the assurance that we’re protected.”

A panel of IT leaders discussed how they inform  the board  about  cybersecurity threats and how their  credit unions  respond to and guard against those threats during the 2021 CUNA Operations & Member Experience Council and CUNA Technology Council Virtual Conference.  

“A lot of board members aren’t as knowledgeable in the cyber realm,” says Darich Runyan, vice president, security, at $3.9 billion asset Langley Federal Credit Union in Newport News, Va. “We try to keep them in the know about what the new trends are.”

IT leaders say they often provide a monthly snapshot to the board that describes current and emerging threats, what risks the threats pose, and the credit union’s vulnerability. Some credit unions also include metrics on organization-wide training efforts and reports that break down recent incidents, including how IT became aware of the incident, the response taken, how long it took to respond, and the outcome.

‘Boards want to know and have the assurance that we’re protected.’
Mark Reed

Robert Eckhart, vice president of information security at $3.7 billion asset GECU in El Paso, Texas, says he also includes the results of IT audits if there were findings and summaries of internal and external risk assessments. The information is a high-level overview, with more detailed and technical reports provided to senior management.

2021 CUNA Operations & Member Experience Council and CUNA Technology Council Virtual Conference

2021 CUNA Operations & Member Experience Council and CUNA Technology Council Virtual Conference

While their approach varies by credit union, the panelists agreed it’s best to streamline this information so it’s more easily digestible.

“It’s an evolution,” says Benjamin Corman, director of information security (IS) and IS governance at $9.8 billion asset Digital Federal Credit Union in Marlborough, Mass. “There’s a firehose of information we could discuss, and figuring out what to discuss is crucial.”

In addition to providing information, Runyan says it’s important to complete training with board members, whether it’s a high-level discussion, going over an incident, or keeping them informed about what taking place in the cybersecurity landscape and how the credit union is responding.

“Cyber has to come from the top down,” Runyan says. “It doesn’t work from the bottom up.”


Tech21
This article is part of Tech21, CUNA News’ special focus on innovations and developments in technology. Search for the hashtag #Tech21 to follow the conversation on Twitter.

KEYWORDS #TechOME Conference CUNA OME Council CUNA Technology Council cybersecurity Tech21

Post a comment to this article

Report Abusive Comment

Credit Union Magazine: Winter 2022

Winter 2022

Credit Union Magazine’s Winter 2022 issue highlights data-driven marketing, the board’s role in cybersecurity, elder abuse scams, credit unions’ auto lending advantage, and more.
Digital Edition •  Subscribe

Trending

  • Reps introduce bipartisan Credit Union Board Modernization Act

  • Compliance: Experts analyze NCUA’s 2023 supervisory priorities

  • CFPB must convene SBREFA panel for credit card fee rulemaking

Tweets by CUNA_News

Polls

How do you feel about the economy in 2023?

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us