The No. 3 priority is planning to recover from a ransomware attack. Read on to learn the top two.
Planning to recover from a ransomware attack is a challenge, but it shouldn’t be top of mind, according to CUES member JT Gaietto, chief security officer of cybersecurity firm Digital Silence, Denver, and a member of the board of $2 billion Westerra Credit Union, also in Denver. When it comes to planning for long disruptions due to cyber attacks, ransomware should be No. 3 on the priority list, he advises.
It’s usually not the credit union but a vendor, like an IT management company, that gets hit by ransomware. Then the impact of the attack filters through to the clients, but the response is in the hands of the vendor. Therefore, the credit union’s role is more one of due diligence than disaster recovery, Gaietto says.
Still, such a breach triggers disclosure regulations, so credit unions need to lay out how they will notify any member whose data might have been exposed and deal with all the calls that follow the disclosures. “It all takes time, so credit unions should plan for that,” he advises.
The No. 2 cybersecurity concern should be business email compromise, Gaietto says. “It’s a bigger issue than many credit unions recognize,” he emphasizes. “If a fraudster can take over the email persona of a lending officer, for example, they can usually glean a lot of member data. They can create fraudulent wires that would look like an earnest money payment.”
Loan officers often have a lot of member data in their email accounts, Gaietto notes. That’s not a best practice, but the reality is that it happens. “We work a lot more of those cases than we do ransomware,” he reports.
No. 1? No surprise. It’s the persistent problem of security breaches at the member level.
Richard H. Gamble writes from Grand Junction, Colorado.