LAS VEGAS – Knowledge and awareness of fraud is the biggest deterrent to the threats credit unions face today, and they must implement comprehensive identity theft recovery management programs. That's according to a breakout session on cybersecurity and data breach preparedness at the Drive '15: CU Direct Lending & Marketing Conference Thursday in Las Vegas.
Citing the Privacy Rights Clearinghouse, Mark Pribish, vice president and identity theft practice leader for the Phoenix, Ariz.-based Merchant Information Solutions, said there have been 4,503 breaches since 2005, and 70% are related to social engineering, with the other 30% related to hacking from outside organizations. In addition, he said data breaches cost organizations $201 per lost customer record, according to the Ponemon Institute.
Pribish also said credit unions need to educate their members about identify theft at small businesses – a key target for hackers. The best defenses against small business identity theft, he said, are web filtering, security software, and employee and customer education. He added that it's critical for credit unions to be familiar with the security breach notification laws in the states where their members reside, so they can be clear on how to notify members and employees should a breach occur.
Recommended For You
Jim McCabe, senior vice president of identity theft services for Vero, the identity recovery solutions arm of CU Direct, said to be fully prepared for identity theft, credit unions should implement a fully-managed recovery process that includes appointing an advocate who stays in regular contact with the victim up to one year following the incident.
He also emphasized the importance of distributing prompt, reassuring communication pieces to members in the event of a breach.
"You need to send a communication that says, 'Yes, you're been breached, but guess what, you're already protected, because we've thought ahead,'" McCabe said. "A letter that says, 'We've got your back,' is very effective."
Vero offers IDProSelect and VBiz solutions, which help credit unions develop cybersecurity best practices. McCabe outlined the solutions' benefits at the close of the session, and one audience member, Siouxland Federal Credit Union President Joel Steenhoven, said he feels they may meet his credit union's needs.
"Our credit union has been looking at multiple cybersecurity vendors, and what stood out about this one is the fact it's member-friendly and protects the credit union too," the president of the $166 million, South Sioux City, Neb.-based credit union said. "We spend a lot of money on protecting our main frame system, but we don't currently have a solution that protects our membership as a whole."
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Natasha Chilingerian
Natasha Chilingerian has been immersed in the credit union industry for over a decade. She first joined CU Times in 2011 as a freelance writer, and following a two-year hiatus from 2013-2015, during which time she served as a communications specialist for Xceed Financial Credit Union (now Kinecta Federal Credit Union), she re-joined the CU Times team full-time as managing editor. She was promoted to executive editor in 2019. In the earlier days of her career, Chilingerian focused on news and lifestyle journalism, serving as a writer and editor for numerous regional publications in Oregon, Louisiana, South Carolina and the San Francisco Bay Area. In addition, she holds experience in marketing copywriting for companies in the finance and technology space. At CU Times, she covers People and Community news, cybersecurity, fintech partnerships, marketing, workplace culture, leadership, DEI, branch strategies, digital banking and more. She currently works remotely and splits her time between Southern California and Portland, Ore.
