NCUA releases annual Cybersecurity and Credit Union System Resilience Report

Last week, the NCUA released its annual Cybersecurity and Credit Union System Resilience Report to Congress in which it “summarizes the current cybersecurity threat landscape, highlights the agency’s key cybersecurity initiatives, and outlines the agency’s ongoing efforts to enhance cybersecurity preparedness and resilience within the credit union industry.”

In his introduction to the report, NCUA Chairman Todd Harper discussed the rise of cybercrime and cybersecurity incidents in the past year and emphasized the credit union industry’s commitment to keeping a vigilant eye on the growing threats. To that end, he asked Congress for their help and support in restoring the NCUA’s control over third-party vendors, citing it as a regulatory blindspot negatively impacting the entire industry. This move is something credit unions have not historically agreed with but that the NCUA has long strived for.

“Besides giving credit union members the same protection as bank customers,” Harper wrote, “this sensible statutory change would significantly improve supervisory oversight and bolster our ability to mitigate cybersecurity risks, ultimately enhancing the credit union system’s overall security posture and the protection of critical infrastructure in the United States more broadly.”

The remainder of Harper’s comments focused on stressing the importance of gaining that foothold, while in the report itself, third-party risk was listed as the number one current and/or emerging threat to credit unions.


continue reading »