10/24/2024 | Press release | Distributed by Public on 10/24/2024 15:01
As Prepared for Delivery on October 24, 2024
The mission of securing cyberspace is a constant challenge. The financial services sector is the 5th most targeted sector of the nation's 16 critical infrastructure sectors. Because we know it is not an "if," but a "when," it is imperative credit unions continually evolve their cybersecurity. Make no mistake, every one of us is vulnerable. Boards, management, and staff must remain engaged and vigilant.
The massive amount of sensitive private data stored digitally, and the prospect for significant monetary gain from data breaches, makes financial institutions especially attractive. At the same time, the use of advanced technologies like artificial intelligence (AI) are not only expanding the sophistication of cyber-attacks, but also making it easier. It sounds like the perfect storm.
Over the past 30 years, credit unions have built significant interconnected systems making it possible to compete with much larger financial institutions. Credit unions have over 30 years of experience in addressing security gaps of these networks. However, we must remember that the interconnectedness of systems creates more entry points for potential cyber-attacks.
"Make no mistake, every one of us is vulnerable."
Last Monday, October 21, the NCUA released Letter to Credit Unions, 24-CU-02, "Board of Director Engagement in Cybersecurity Oversight." The letter lists four key areas of focus:
"At the same time, the use of advanced technologies like artificial intelligence (AI) are not only expanding the sophistication of cyber-attacks, but also making it easier. It sounds like the perfect storm."
Franz, would you mind putting up the slide showing the cheat sheet and wallet card?
In September 2023, OEI deployed the Information Security Examination (ISE) program for examiners. We have more than a year of experience tailoring examinations to the size and complexity of the credit unions. The ISE program is providing a clearer picture of the state of credit union cybersecurity readiness. I am encouraged by the level of preparedness examiners are finding in all sizes of credit unions, but the presentation showed there is still much to do.
Finally, I urge credit unions to check out the NCUA's Cybersecurity Resources webpage for more information.