On Compliance: When following the rules pays off

Protecting CUs’ data is a must-do that isn’t going away. Attending to regulations and internal controls can help.

The last thing you want as a credit union leader is for your organization to make headlines for exposing or losing customer data. Should this happen, you not only suffer a blow on your CU’s reputation but also accrue financial and legal jeopardy arising from non-compliance with federal regulations designed to protect such data.

Cyber threats like the Equifax breach, which affected over 143 million people, have changed the way security is viewed in organizations. Security professionals concluded that this attack was an efficacious intelligence operation targeting to spy on U.S. citizens. The breach served as a wakeup call for the financial industry’s risk profile, highlighting the need for financial institutions to shift focus from risk mitigation within the institution to addressing risk profiles with a broader perspective and implement comprehensive security reaching beyond the walls of the institution.

Credit unions and other financial institutions can use various levels of technology and compliances to counter cyber-attacks and ensure they are maintaining compliance and keeping customer data safe. Effective security checks to implement in your CU should be focused on data-at-rest defense, application encryption, tokenization, security event, information management systems and privileged user access management.


continue reading »