We’re all connected

By CUNA Staff06.29.2020

Credit unions best weapon against cyberattacks is their proven ability to collaborate.

Collaboration spreads the widest net against a relentless foe that has time and again eluded even the biggest corporate entities.

“We’re all connected, says Sherry Davidoff, CEO and founder of LMG Security. “When you’re planning for your credit union’s cybersecurity, you must include your community. You have to include anybody that affects your risks, whether it’s inside or outside your organization. It’s a community problem and it has to be addressed with community solutions.”

Even with their members, credit unions have to take a collaborative approach, Davidoff says. “Hackers are after your credit union’s members,” Davidoff says. ‘It’s easier for them to socially engineer your members than it is for them to break into your financial institution. If your member loses a lot of money their going to look to you to be made whole. So you have to be mindful your member’s security as well as your own security. You have to be a source of training and knowledge. Trust is essential.”

Davidoff says consumers are most often compromised through phishing emails—through which hackers try to gain personal information through deceptive emails and website--and weak passwords.

“You can help members understand what a phishing email looks like,” Davidoff says. They have to know you will never ask them for your account number. They have to understand that using the same password for the account at the credit union as they do on ecommerce sites makes them an easy target for hackers.”

Davidoff says enhanced cybersecurity doesn’t have to be expensive, and is affordable for every credit union. Consider two-factor authentication. “Two-factor authentication will dramatically reduce your risk of fraud, and many two-factor risk fraud applications are free,” she says. “Often credit unions set them up in a rush after they get hacked, but it's much better to have a proactive approach and set them up before you’re victimized.”

Another affordable prevention is minimizing unnecessary data. The No. 1 thing you can do to reduce your risk of a data breach, is to minimize your data,” Davidoff says. Most of us collect way too much data. We keep it around too long and we have too many copies of its. Make sure you’re getting rid of those extra copies that people have on their thumb drives and workstations.”