As we move into 2016, newer and more advanced technology tools will continue to emerge to help address the growing threat of cyberattacks. However, a strong cybersecurity strategy relies on more than just savvy technology tools; it also relies heavily on other controls, such as staff involvement in detecting and preventing cyberattack exposures.
So what are the "musts" of creating a resilient, end-to-end cybersecurity strategy?
Recommended For You
1. Adopt a holistic approach to preparing for and mitigating cyberattacks.
-
Enterprise level: Collaborate with staff members at various levels of your credit union to determine how to best prevent risk at your organization.
-
Organizational level: Work with all departments and associations, especially with your IT team and vendors, to develop effective controls.
-
Systematic level: Enforce multiple layers of defense to combat and counteract attempted threats.
-
Individual level: Ask staff and members to monitor account activity and immediately report any red flags or suspicions.
2. Stimulate employee and member participation in detecting and preventing cyberattacks.
Perform regular risk education training sessions with your entire staff that touch on the following topics:
-
Common cyberattack methods and warning signs
-
Password protection recommendations
-
Red flags for suspicious emails, attachments and links
-
Vulnerabilities from high-risk websites
-
Protection measures for personal and work devices
Also, share educational materials with your members to help them understand what they should (or shouldn't) do to protect themselves from a cyberattack. Consider launching a splashy campaign to educate employees and members about risk prevention.
3. Establish a comprehensive action plan for responding to cyberattacks.
Don't wait until after your credit union or members are exposed to a cyberattack to develop a response plan. Once you do, be sure to incorporate the following steps:
-
Identify the exposure type and source.
-
Measure the severity and frequency of the exposure.
-
Control the effects of the exposure.
-
Manage future exposures by repairing the area of weakness.
Develop a strategy for managing your credit union's reputation if an attack were to occur, and impose policies and procedures for employees to follow in the event of an attack. Ensure your credit union has a cybersecurity insurance policy in place that mitigates the financial impact of an attack. You might also consider working with a reputable vendor to help build a strong breach response plan.
Developing a cybersecurity program that protects your organization on all levels can certainly be a bit challenging, but trying to recover from the negative financial, organizational and reputational impact of a major security breach can be extraordinarily more difficult.
Take this New Year as a new opportunity for your credit union to reevaluate your cybersecurity methods and utilize the resources you have at your disposal to build a stronger, more robust cybersecurity strategy.
Ann Davidson is vice president of risk consulting for Allied Solutions. She can be reached at 972-447-3703 or [email protected]
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
