WASHINGTON — While politics and political issues tend to take center stage at CUNA's Governmental Affairs Conference, there's another issue that causes credit union leaders to feel almost even more heartburn on a day-to-day basis – cybersecurity.
Social media, DDoS attacks and ransomware were a focus of concern from the audience at a packed GAC session, "Cybersecurity in 2017 and Beyond."
One of the panelists, Timothy Sergerson, deputy director of the Office of Examination and Insurance for NCUA, made a strong suggestion to the audience when it comes to having proper cybersecurity measures set up at their credit union. "You have to have good back-up protocols and you must test those protocols regularly."
Sergerson noted examples of medium- to large-sized credit unions where officials claimed to have proper protocols in place, but never tested them. "Some of them found out 15 months later that the protocols weren't even working and that set themselves up to face a lot of unnecessary risk," Sergerson said.
And the cost of defending against cybersecurity is going up, especially with the number of DDoS attacks on the rise. One credit union CEO at the session mentioned that his credit union once was paying $85,000 each year on security measures. Now, he claims the credit union is forking over more than $250,000 each year.
"I think we are only at the beginning of this," said Sergerson of the steady climb of cyber attacks in the financial sector. But, he said, there's some good news. "Small and medium credit unions have an advantage since they have a smaller technology footprint, it doesn't cost as much to defend." He continued, "Whatever you do, when it comes to cybersecurity, you have to set the gold standard for credit unions of your size."
Jay Isaacson, vice president of the commercial unit of CUNA Mutual Group said Cyber Insurance is a growing market for his organization precisely because of the growing and real risks involved with cybersecurity.
The Cyber Insurance product offered covers first-party response, which means it covers forensic work on the data breach and breach coaching. The other coverage area is on the liability side of the data breach. "Cyber insurance is evolving with the needs of credit unions," said Isaacson.
Sergerson suggested that all credit union leaders take a look at the Cybersecurity Assessment Tool on NCUA's website to give an indication of how to make a cybersecurity plan, understand the regulation requirements as well as updates from the federal government on new security and social media guidelines.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Michael Ogden
Editor-in-Chief at CU Times. To connect, email at [email protected]. As Editor-in-Chief of CU Times since 2016, Michael Ogden has led the editorial team in all aspects of content strategy and execution, including the creation of the publication’s exclusive and proprietary research database of the credit union industry’s economic landscape. Under Michael’s leadership, CU Times has successfully shifted to an all-digital editorial product with new focuses on the payments, fraud, lending and regulatory beats. Most recently, he introduced a data-focused editorial product for subscribers that breaks down credit union issues into hard data, allowing for a deeper and more factual narrative for readers. In 2024, he launched the "Shared Accounts With CU Times" podcast, which offers a fresh, inside-the-newsroom perspective through interviews with leaders from the credit union industry and the regulatory world. He dives into pressing credit union issues, while revealing the personalities working behind-the-scenes to push the credit union world forward. His background includes years as a radio and TV anchor/reporter and a public relations and digital/social media manager, where he covered the food and music industries, as well as cooperatives and credit unions. Over the years, he has launched numerous exclusive video and podcast series, including a successful series of interactive backstage interviews with musicians at music festivals, showcasing his social media and live streaming production skills.
