CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » A call to invest in cybersecurity
Technology

A call to invest in cybersecurity

Sophisticated cybersecurity solutions can protect credit unions from potential threats.

January 17, 2023
Ricardo Font
No Comments
2023_01_Cybersecurity_1200

Cybersecurity is a top consideration for today’s credit unions, and for good reason. Research has estimated that in 93% of cases, an external attacker can breach an organization's network perimeter and gain access to local network resources. At the same time, only 50% of small- and mid-sized businesses (the heavily targeted category of many credit unions) have a cybersecurity plan in place. Risks continue to rise and evolve every day, making proactive mitigation and issues planning that much more critical.

Take, for instance, robot networks (botnets). A botnet is a network of hijacked devices running one or multiple strings of infected software to imitate human activity, steal data, or send spam messages and emails. Botnets present a serious threat to company security, as they usually exist at scale and can include millions of hard-to-detect, human-like bots.

At the direction of a malicious party, botnets can carry out criminal actions that range from overwhelming a server and rendering services temporarily unavailable via a distributed denial-of-service (DDoS) attack, to phishing and theft of consumer financial information. Botnets can also take over an entire company system, including assets, by impersonating legitimate accountholders as part of a credential stuffing attack, through which criminals can simultaneously check hundreds of thousands of credential combinations across websites.

These attacks can disrupt credit union operations and halt services provided to members. They can also have serious legal, reputational, and financial implications. In response to these growing risks, credit unions can turn to centralized, integrated, and real-time cybersecurity solutions.

Educating the community

Cyber criminals increasingly are leveraging automation to carry out cyberattacks at a vast scale. For credit unions tasked with safeguarding important consumer financial information, one of these botnet-induced data breaches could have disastrous impacts.

Many credit unions pride themselves on their sense of community and relationships with their member base. As a result, education must be a critical component of their cyber strategy. Credit unions should look to provide educational materials or trainings to employees and members. One example is educating members on the warning signs of threats such as phishing attacks—which could include emails that are urgent, request sensitive information, are from an unusual or unknown sender, include suspicious attachments, or have mismatched information.

Through education, the credit union can give members the ability and confidence to detect and avoid malicious interactions with other people and businesses, helping ensure that the entire community is safer. Any connected individual, whether an employee or member, is a company’s first line of defense against cyber threats and could unknowingly provide a bad actor access to the company’s server.

Mitigating cybersecurity risks

An increasing number of credit unions are seeking out malicious parties on the dark web—where criminal cyberattacks often start. Financial institutions have invested resources to scour the dark web, find impersonations of their user credentials, and leverage cybersecurity services to stop them in their tracks.

Credit unions are reducing the sharing of usernames and passwords by adopting solutions that offer safe, credential-less logins, such as multifactor and multistep authentication, as well as suspicious pattern or activity detection. The latter includes the ability to understand user behavior over time; from where and when users traditionally log in, to what devices they typically use. Through this data collection and analysis, credit unions can determine when criminals may be operating with stolen credentials versus what is typical and valid user behavior.

The right partner and your infrastructure

While robust cybersecurity practices may seem daunting, credit unions don’t have to go it alone. Credit unions should look for a specialized partner who can easily integrate into their existing infrastructure and develop custom-fit solutions. For instance, many credit unions only have access to a small glimpse of account behavior. But by partnering with an organization that has expanded visibility across a broad swath of services, all parties can collaborate to corroborate account and user activity, and ultimately minimize related cyber risk exposures.

Additionally, credit unions should invest in their own cyber infrastructure. Budget and personnel resourcing are often significant obstacles, but these are not the only pieces of the puzzle. Credit unions can also focus on reducing and automating tedious tasks to create efficiencies in cyber issue diagnosis and improve skilled talent retention. By making sure that the right systems and teams are in place, credit unions can ensure they are prepared for a cyberattack.

As cybersecurity threats become more varied and sophisticated, implementing equally robust and sophisticated solutions and adopting behaviors that can mitigate risks can help protect credit unions and their communities from potential threats.

Ricardo Font is director of product management at Fiserv.

KEYWORDS cybersecurity security technology

Post a comment to this article

Report Abusive Comment

Credit Union Magazine: Winter 2022

Winter 2022

Credit Union Magazine’s Winter 2022 issue highlights data-driven marketing, the board’s role in cybersecurity, elder abuse scams, credit unions’ auto lending advantage, and more.
Digital Edition •  Subscribe

Trending

  • Nussle: Broad classification of ‘junk fees’ in SOTU will hurt consumers

  • ‘Distinctly and uniquely me’

  • Auto lending report shows significant credit union member savings

Tweets by CUNA_News

Polls

Vote for the 2023 CU Hero of the Year

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us