In the wake of several “next-generation” cyberattacks, credit unions need next-generation cybersecurity, according to CUNA Mutual Group. Credit unions have to be nimble and prepare for how the next generation of technology will impact cybersecurity, explains Carlos Molina, a risk and compliance senior consultant for CUNA Mutual Group.
According to a recent survey of hackers who attended the 2017 Black Hat Conference, the easiest and fastest way to access sensitive consumer data is through a privileged account, email account or a user’s endpoint, such as a laptop or desktop computer.
Molina says that credit unions should consider:
Developing a forward-looking cybersecurity methodology focused on expanding efforts to stay ahead of current threats, versus maintaining a program that is merely compliant, or one that has been successful in the past.
Establishing strategies to access and analyze the latest threat intelligence to help prioritize information security budgets and enhance internal technologies to defend against ransomware, distributed denial of services attacks, phishing and malware scams, vulnerabilities in mobile and internet-connected devices, and unpatched corporate software or insufficient security technology.
Ensuring the correct employee skillsets are in place, which may require training existing employees or hiring new ones.
Capitalizing on cyberthreat intelligence, or CTI, resources and advanced detection technologies to predict how certain threats or attacks are evolving and what perceived vulnerabilities are being targeted. CTI provides critical information about cyberthreat capabilities and how to prevent attacks. Organizations that leverage the expertise of professionals to review industry specific data from trusted sources like vendor partners, Information Sharing and Analysis Centers, and the United States Computer Emergency Readiness Team, have been able to effectively protect and support their cyber environment.
Additionally, organizations may be able to respond even faster to threats by using advanced detection technologies such as artificial intelligence. However, while advanced technologies like CTI and AI may improve detection and response, no technology can account for employee mistakes.
“You must establish a cybersecurity plan that combines what works today, what advances will help tomorrow, and how your well-informed and trained credit union staff can effectively deal with next generation threats,” says Molina.