The latest issue of Credit Union Magazine has an excellent article on the board of director’s role with cybersecurity. It is worth a read for every credit union board member as a reminder of the importance of your role in oversight, even if you have an IT team or vendor handling much of the daily work for prevention and vigilance against cyber events.
There is no question that security of member information is an ever-evolving field, and revisiting it regularly — even from your oversight role — is important for the reputation of your credit union. No one wants to be the institution with a breach or major cyber event; but, just hoping it doesn’t happen is like occasionally playing the lottery and counting on winnings for your retirement.
Examiners continue to push credit unions on IT security, and they provide a variety of tools to assist your team with mitigating the risks. As CUNA Federal Compliance Attorney Val Moss (who authored the above article) notes, the “board should ensure the credit union integrates cybersecurity throughout its operations as part of enterprise-wide governance, information security, business continuity, and vendor risk management processes.”
Wondering where to start? The article provides some succinct information that ties back to the regulation you are required to adhere to. Happy reading!