The power of risk assessment
Protect your credit union from cyber attacks: Put your risk assessments to work
Every day we are bombarded with news about the threat of cyber-attacks looming over financial institutions. Let’s face it, at times, it can be overwhelming. The constant warnings of impending disaster can make it feel like the fight against cybercrime is a losing battle, with a lot of pain and not enough reward. Take heart; there is a path forward for all credit unions to get ahead of cyber-attacks, better protecting themselves and their members!
It starts by operating with a heightened level of cyber risk awareness and discipline. In essence, it’s applying the same risk management practices used for lending and credit to cyber threats. It involves thoughtful development and implementation over time of a comprehensive cyber risk program that is based on your valuable risk assessment data. Research shows that this more proactive approach is already enabling credit unions to get ahead of potential vulnerabilities and take necessary steps to mitigate risks before they escalate into full-blown attacks. The good news is that you likely have some elements in place already, so it becomes a matter of building out versus starting from scratch. Not convinced yet? Read on to learn what former Secretary of State Condoleezza Rice says about cyber and risk management.
Risk assessments inform your battle plan
To protect their information and infrastructure, credit unions need to develop a robust cyber risk program that employs a combination of defensive and offensive strategies. It is a siege mindset, which in many ways is similar to how a military commander prepares to protect a valuable target against an enemy. Vulnerabilities are identified, and appropriate fortifications are made to repel potential attacks. That’s defense. At the same time, the commander is assessing the attackers to determine how to adjust plans and continually adapt, getting ahead of the attacker. That’s offense. When combined, credit unions can better safeguard their networks against cyber threats, so they don’t become an attack.
continue reading »