5 Security Considerations for Credit Unions With Big Digital Ambitions

Among the many business concerns that keep banking executives occupied during the workday and awake at night, nothing quite rivals network security. In a recent SourceMedia survey of U.S. upper-level banking and credit union executives regarding their top technological priorities, security solutions topped the list. A majority, 55%, said they expect to commercially implement new security technology within the next 12 months, while 21% of respondents said improving security will be the top area of focus during that time span.

Digital services are becoming a strategically vital means for credit union to differentiate their brand, forge strong relationships with new and existing members and improve the efficiency of their operations. This evolution to a digital enterprise also raises the specter of significant new cyber vulnerabilities, including DDoS attacks, ransomware incursions, uninvited data exfiltration and other potentially devastating forms of breach. Indeed, in terms of dollars, cybercrime exacts a higher annual cost from the financial services industry – almost $18.3 million – than from any other business sector, according to a 2017 report from Accenture and the Ponemon Institute.

As credit unions are well aware, expanded digital capabilities and services are key to growth. So, too, is security. Protecting member information and your own assets needs to be prioritized right along with providing an enhanced banking experience. After all, one security breach can undermine all the positive momentum and member goodwill a credit union invests so much to build.

Banking institutions recognize the security imperative that accompanies embracing digital technology. Asked to identify the factors driving technology adoption within their organizations, respondents to the SourceMedia survey put cybersecurity and customer experience at the top of the list. In transitioning from legacy network infrastructures to the cloud as part of a digital transformation and mobile-first strategy, institutions need to find the optimal mix of cloud-enabled tools and technology to provide a secure, frictionless experience for internal and member-facing offerings.

That’s not always easy. As credit union chief technology officers well know, network security solutions can be expensive and challenging to implement, particularly for smaller institutions that lack the larger resources and IT departments of the big banks. Trying to integrate new security solutions into a legacy network infrastructure can further complicate matters.

A growing number of small to mid-sized institutions, including credit unions, are proving they can keep pace with the bigger banks and deliver a member-focused digital enterprise without compromising security, and do so affordably, by implementing a new breed of network with managed, cloud-based security tools integrated.

One independent, locally-owned bank is doing exactly that. Bent on delivering the type of seamless omni-channel banking experience that customers of larger banks have come to expect (digital kiosks, video banking, etc.), this eight-location institution with 100 employees and $500 million in assets needed strong, scalable and easily-managed network security to match its digitally-focused growth and service ambitions. Even with a smaller IT support staff, the bank (with third-party technical guidance) was able to identify and integrate a managed network security solution into its evolving digital platform. The security solution included an exceptionally strong cloud-based firewall for each office to protect customer information and data, plus scanning tools to monitor inbound and outbound traffic for viruses, and other measures.

The approach is working. Not only is the bank fulfilling its vision of providing customers with a richer, frictionless and multi-channel banking experience (along with greater visibility into, and control over, the network and communication tools that support delivery of that experience), it is doing so with the assurance that its brand, network, customers and assets, including data, are protected.

As institutions like this are demonstrating, the evolution to a secure digital enterprise needn’t be painful or excessively costly. Here are a handful of key considerations for evaluating cybersecurity solutions and making the transition:

• How aligned is your institution’s strategy for digital transformation with cybersecurity? Security is a critical component of the brand promise an institution makes to its members. From a strategic standpoint, protecting the sanctity and value of member data, as well as an institution’s network infrastructure and information, is as vital to growth and competitive differentiation as providing a rich, digitally-enabled member experience. Institutions therefore should be appropriately proactive, assertive and methodical in investing in network security.
• How do your security technology initiatives compare to those of your peers? To maximize ROI on digital investments, institutions need scalable security solutions that can keep pace with an expanding digital footprint, increasing network traffic and a greater volume of data. Close to two-thirds (64%) of banking executives who responded to the SourceMedia survey said security will be the focus of their technology strategy in the next three years (see the accompanying graphic).
• How closely have you evaluated your infrastructure through a security lens? In many cases, a network security specialist can identify security gaps an institution may overlook. A third-party audit/gap analysis is thus a critical early step. This type of specialist can assess an institution’s network infrastructure for security vulnerabilities and network compliance, then work with the institution to develop a plan for addressing any identified gaps.
• What are your technology options for cybersecurity? Awareness appears to be a limiting factor in how credit unions respond to the escalating cyber threat, as only 40% of upper-level banking execs in the SourceMedia survey said they are highly familiar with security technology. The more thorough decision-makers understand the network security measures available to them, their cost and how they best integrate with legacy and new cloud-based systems, the better-equipped they will likely be to select the right security solution. To learn more, cast a wider net in conducting due diligence and leverage case studies, peer recommendations, online research and industry guidelines (such as NIST and FFIEC).
• To what extent are security measures baked into your core infrastructure and processes? With technology largely powering the banking digital evolution, cyber risk should be a core decision-making factor in this transformation. When security is part of an institution’s culture, it’s in a much better position to proactively monitor, identify and respond to a cyberattack.

Delivering a trusted member experience is essential to the credit union brand promise. As cybercrime increases in frequency and complexity, institutions must proactively guard this trust. Those that invest in a forward-looking cybersecurity strategy and network infrastructure will be best positioned to deliver a frictionless – and secure – member experience.

Anne Guenther is Banking Industry Marketing Strategist for Windstream Enterprise. She can be reached at anne.guenther@windstream.com.