The Department of Homeland Security named this October as the 11th Annual Nation Cyber Security Awareness Month. A growing epidemic has a number of fraud and security experts extremely concerned as at least 43% of companies report data breaches.
That statistic is up 10% from last year, says the independent research consultant, the Ponemon Institute with the breach sizes growing in number.
"Particularly beginning with last quarter in 2013, and now with all the retail breaches this year, the size had gone exponentially up," Michael Bruemmer, vice president of Experian told USA Today.
Even more shocking is the low number of companies taking the rise in security seriously. Experian says that 27% of companies have no data breach intervention process in place, that’s actually down from the 39% of companies reported last year. Of those that have a policy in place, only a meager 30% of employees who work at those companies believe their interventions will be effective.
"Most organizations, and I'm only talking the sophisticated ones, have done a little, but it's not enough," said Ted Julian, chief marketing officer at cyber response management company, Co3 Systems.
Amongst the industries taking this increasing threat seriously are credit unions.
“Threats from hackers, fraudsters, thieves and terrorists can come at any time, from just about any direction,” said NCUA Board Chairman Debbie Matz in a press release. “In the last six months, we learned about two significant vulnerabilities, Heartbleed and Shellshock, which presented serious threats to security. A credit union could be the target of an attack, or someone could try to use a credit union as a conduit to attack other businesses. With so much of our lives tethered to the flow of personal information across the internet, protecting that information is a constant responsibility.”
Staying ahead of the problem, the NCUA has created extensive resources that address how credit unions can strengthen protective security layers.
The information includes ways credit unions can prevent, detect and respond to cybersecurity threats, including regulations and guidance. Direct links to the information is available on the NCUA’s special Cyber Security Resources site.
“It stands to reason that teaching members to protect their information and their finances is as much a part of financial literacy as teaching them how to balance a budget or apply for a loan,” Matz said. “It’s all part of helping members become educated.”
“United Federal Credit Union (UFCU) takes all possible steps to establish a secure, encrypted connection end to end throughout the member’s online interactions with our systems,” she says. “UFCU has a robust security environment involving multiple layers of security, such as multi-factor authentication and login approvals. Online activity is monitored 24/7; all transactions must pass through these multiple layers. Alerts are triggered immediately upon detection of abnormalities or suspicious activity.”
On Rainbow Federal Credit Union’s (Lewiston, ME) website, the credit union addressed the latest round of security threats in an article posted to the membership. With regard to Shellshock, the credit union wrote, “Rainbow FCU updates our systems regularly and your data security is the highest priority. Our systems were updated immediately upon announcement of the threat’s discovery and we will always keep our members informed of any threats to their privacy. There are steps you can take to protect your privacy online, as well.”
Directly recognizing that October is Cyber Security Awareness Month, Fort Sill Federal Credit Union (Lawton, OK) posted an informative article on its website about the prevalence of security breaches how members can protect themselves.
In addition to watching retail members’ backs, credit unions are also preparing business members for the possibility of security problems.
For example, InTouch Credit Union (Plano, TX) also stepped up the effort when it hosted an educational seminar on how security threats impact small business. The July seminar touched on topics ranging from why all businesses are targets for cyber threats to the financial and legal consequences of cyber threats.
--Next week Credit Unions Online addresses what consumers can do to protect themselves.By Gina Ragusa