The majority of credit unions have serious security concerns regarding insider threats, according to the results of a survey conducted by Westport, Conn.-based Awareness Technologies in partnership with CUNA Strategic Services.

Results indicated that 83% of surveyed financial institutions admit their biggest concern is confidential information transferred to unauthorized recipients, while another 52% say they are worried about sensitive data being transferred by use of removable media.

Even more concerning, 77% of all credit unions surveyed said they do not believe or were unsure if they had complete protection regarding internal data threats. However, 62% stated they already have security controls in place.

Those last two statistics were alarming, Awareness said in a press release, because it suggested the overwhelming majority of credit unions surveyed did not believe they had enough protection regarding data threats that occur internally.

Part 748 of NCUA's regulations specified, among other things, that credit unions must develop appropriate security programs, establish risk assessments and control measures, assist in the identification of persons who commit or attempt actions and crimes – knowingly or accidentally – that could result in data breaches and other security threats. Credit unions must also develop direct response programs that specify actions to be taken when the credit union suspects or detects that unauthorized individuals have gained access to member information systems –including appropriate reports to regulatory and law enforcement agencies.

“The demand for insider threat protection is growing, but it's often an expensive and demanding process,” Michael Goldberg, vice president of corporate marketing for Awareness, said. “But we pride ourselves on making sure these solutions are cost-effective and easy to use and implement.”

Awareness Technologies provides internal threat management solutions that provide uniform coverage for on-site, remote and traveling employees.

The survey results came just as news broke that because of AT&T data breaches, which exposed about 280,000 U.S. customers' names and full or partial Social Security numbers, the company agreed to pay a $25 million civil penalty to settle a Federal Communications Commission investigation into the consumer privacy violations.

The breaches took place at call centers used by AT&T in Mexico, Colombia and the Philippines, when employees accessed sensitive customer data without adequate authorization. Those employees took payment from third parties in exchange for customer names and Social Security numbers that could unlock stolen cell phones for sale on secondary markets, the FCC said.

At an international gathering of computer security professionals in March, all but 2% of respondents surveyed believed the law should address data breaches that expose consumers' personal information, and 16% advocate criminal charges against offending companies' CEOs or board members.

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).