Double Down on Cybersecurity This Summer
As our lives (and banking) become more fortified with digital architecture, cybersecurity measures must also ramp up.
For many, summertime means rest, relaxation and a little extra vitamin D. But for those looking to thwart cyberattacks, summer is not the time to take your foot off the gas. Fraudsters are always on the prowl and cybersecurity usually becomes top-of-mind after there has already been a loss of data security – and financial loss. The average total cost of a data breach is no small change either – upwards of $4 million. Unfortunately, it’s a matter of when a cyberattack occurs, not if a cyberattack will occur.
The bad guys aren’t going on summer vacation either. They aren’t always looking for open cyber doors, just weak ones to barge through. Staying safe online starts with protecting your personal data and identity. As our lives (and banking) become more fortified with digital architecture, cybersecurity measures must also ramp up. Before you roll out the beach towel and throw on your sunscreen, check out some ways you can protect yourself and your institution from attacks this summer (and all year long).
Identity Protection Checklist
Identity theft is a devastating and costly offense that can impact the victim for years to come. The older the data, the more valuable it is to the bad guys. This can cause identity damage months and even years down the road, long after the victim suspects identity fraud. At the end of the day, the best protection is prevention.
Here are some top tips for protecting your identity and data online:
- Erase all data before donating, recycling or selling old phones, computers or other devices.
- Check your credit report at least once this summer and review for inaccurate information.
- Use hard-to-guess passwords and two-step authentication for online banking and shopping.
- Use up-to-date antivirus software. (Don’t buy the first one you search for! Research all legitimate options first before buying.)
- Never publish information on social media that could be used to guess passwords or security questions (i.e. high school teacher names, first pet, etc.).
- Use a credit card (instead of a debit card) whenever possible, especially for online transactions.
- Validate tech support services via a search engine to confirm the name and a legitimate website.
Remember, if it looks fishy, it probably is phish(y).
Four Ways to Enhance Corporate Cybersecurity Controls
Credit unions must take responsibility for personal cybersecurity and identity protection. Prevention is key. From the front line to the boardroom, employees play a vital role in ensuring that corporate data does not get into the wrong hands. Here are four tactical approaches to protecting your credit union’s data and promoting a culture of strong cybersecurity:
1. Use multi-factor authentication on corporate devices, leveraging biometrics whenever possible. Biometrics like facial scans, voice identification and fingerprints are more secure than username and password combinations, which are susceptible to credential stuffing.
2. Educate employees on the signs of internal fraud. While warning signs of embezzlement and data leaks may not always be present, managers and colleagues should be mindful that certain situations can lead to employee-conducted theft. Some red flags may include but are not limited to: Addiction, sudden expensive purchases, working after hours, reluctance to delegate tasks, and prolonged or frequent absence.
3. Offer identity theft coverage to board members, employees and their families. This insurance steps in to cover the costs to correct the fraud attributed to identity theft. This is not only an attractive employee perk but also a vital protection measure in the event that your employees become a target and victim of identity fraud.
4. Establish work-from-home network policies. Working from home, the airport, the coffee shop or wherever work is done remotely opens up additional cyber doors. By establishing work-from-home network policies (i.e. secure WiFi, a VPN, encrypted drives, anti-virus software and endpoint protection), remote work can still be secure work. Even in a remote work environment, tight policies and stringent network rules can preventatively protect data. Revisit these policies periodically and adjust accordingly.
As cybersecurity concerns are up, credit unions have an opportunity to step up and protect members. Cybersecurity measures cannot fall to IT alone – the boardroom must also have a pulse on cybersecurity trends and combat measures.
The investment in cybersecurity protection is inexpensive compared to the cost of a loss. After working with a credit union recently, Joette Colletts, vice president, risk management at Allied Solutions, said, “A credit union had a $900,000 social engineering loss due to inadequate controls. After our risk specialist reviewed their policies and procedures, the CEO was appreciative and made the necessary changes to avoid this type of loss from occurring again.”
Don’t be one of the credit unions that is unprepared for a cyber breach. Equip your teams with the tools and insights needed to respond to growing threats of cyber breaches.
Ann Davidson Vice President of Risk Consulting Allied Solutions Carmel, Ind.