What's scary enough to keep credit union leaders awake at night? Forget the ghosts and ghouls – how about fraudsters, hackers and countless other cyber threats? In honor of Cybersecurity Awareness Month, Credit Union Journal has focused on those issues and more throughout October. What follows is a sampling of that coverage.
J. Mark McWatters
J. Mark McWatters, acting chairman of the National Credit Union Administration, listens during a Senate Banking Committee hearing in Washington, D.C., U.S., on Thursday, June 22, 2017. Top U.S. banking regulators are sprinting to ease the Volcker Rule, stress tests and other constraints on Wall Street after the Trump administration issued a long list of proposals last week for rolling back post-crisis financial rules. Photographer: Andrew Harrer/Bloomberg

McWatters in the hot seat

National Credit Union Administration Chairman Mark McWatters kicked off October by repeating to Congress the agency's long-standing request for third-party vendor oversight to protect against cybersecurity threats. Credit union advocates say they've heard this argument plenty of times before, but there's a fear that the landscape may have finally changed enough to merit Congress granting NCUA's request. One former board member, however, subsequently rebuffed McWatters' proposal, claiming NCUA won't bring anything new to the table and will only be duplicating the efforts of other regulators. Credit union trade group representatives also pushed back during an NCUA budget briefing earlier this month.
Bob Michaud is chief security officer at Q2 Holdings

The first line of defense

What's a credit union's best defense against fraud? According to one analyst, the battle begins at home. CUs that educate and train their staff in the fight against fraudsters are better prepared to help members in the same fight, writes Bob Michaud of Q2 Holdings. And a user-friendly, multi-layered approach to cybersecurity could be what helps keep a credit union from becoming the next victim.

For more, click here.
hacked cover slide - CUJ 100218.jpg
Business Team Investment Entrepreneur Trading Concept

Rising 10 percent in one year and going up

Here's a scary statistic: Credit unions should expect the cost of fraud to continue to rise, with one study pegging a 10 percent increase in the last year alone.

The good news is there are plenty of steps credit unions can take to protect themselves, but it's not going to be cheap to keep up with an evolving fraud landscape.

For more, click here.
Facebook user changes - CUJ 101418

Will cyber woes lead CUs to log out of Facebook?

Between the Cambridge Analytica scandal and a data breach that impacted tens of millions of users, the news hasn't been good for Facebook lately. But will all that bad luck trickle down and impact how credit unions use the social network? One study shows young consumers changing the way they use the site and, if not deleting it outright, at least cutting back. And with credit unions working hard to reach younger members through social media platforms, there could be big changes ahead.

For more, click here.
ID verification - CUJ 102318.JPG

Who are you?

Consumers don't get a say in how organizations use their data or where they store it, and with major high-profile data breaches becoming all the more common, a growing number of credit unions are moving away from “silo” authentication methods and adopting a self-sovereign identity (SSI) solution, which analysts say need to be on all credit unions' radars.

For more, click here.
Garry McCracken is VP of technology at WinMagic.

CU in the cloud

Moving to the cloud has been a boon to credit unions for countless reasons, but one observer believes CUs should look more closely at some of the threats there. While cloud-based hosting has helped improve credit union operations and disaster recovery efforts, compliance related to the cloud remains a challenge for many CUs. With new regs on the horizon, things could get even tougher.

For more, click here.
cybersecurity threats cover slide - CUJ 103018.JPG

What's the next big cybersecurity threat?

From APIs to cloud-based hosting, internet of things malware and more, a panel of experts offered CU Journal their take on the next big cybersecurity threats and whether credit unions are prepared to face them.

For more, click here.
Dan Chaney

SOC it to me

Credit unions that aren't regularly checking up on their cloud-based service providers could be putting themselves in harm's way.

While the National Credit Union Administration doesn't expressly require Service Organization Control assessments from cloud-providers, one analyst says CUs would be well-served to ensure those evaluations are taking place. And there are steps that can help ease the process and make it less confusing.

For more, click here.