In this article discusses ways credit unions should proactively approach potential cyber attacks.
Having been associated with credit unions for several decades, the one thing I noticed is that their overall operations seem to be small is size compared to commercial banking institutions. Marketing, loan processing and IT departments are often smaller in size and complexity. Although credit unions may on average work with smaller workforces, it does not minimize the criticality of need to protect its members from fraud and breaches.
One of the most important step in a credit union’s ability to respond to a cyber breach is to have a plan in place that details roles and responsibilities of key employees during the event. Along with defining roles for the response of an event, risk assessments need to be proactively conducted to make sure executives are aware of what is needed to mitigate cyber risks that put the assets of members in jeopardy. It is also recommended to that the credit union have a communication policy that specifically covers how to handle statements during a breach. Internal and external statements should be drafted and reviewed to ensure the consistency of the message being conveyed during an event. Lastly, response and business continuity plans require practice to ensure plans are current and effective.