Technology Security Expert: Our Opponents are not Complacent

Warnings of distributed denial of service (DDoS) attacks and other cyber alerts are being issued to financial institutions frequently.

The most recent was an FBI warning that there could be activity on or about Sept. 11. Fortunately, a warning that widespread attacks would occur May 7 of this year saw little if any carryout of the threats. Might that cause credit union technology/security pros to become skeptical or worse yet, let down their guards?

“Yes, all the noise about cyber attacks gets tiring to hear, and we tend ignore the warnings after a while like the boy who cried wolf. After all, if my credit union isn’t attacked, then why should I be concerned?” said Don Rudolph, director of professional services for Network Computing Architects (NCA). “The reality of our profession is that our opponents are not complacent and continue to develop new threat vectors. We should be always ready to change our approach and tactics to meet the challenge.”

Offhand, Rudolph could think of recent activity that was very concerning in the credit union movement—a security breach against a Missouri credit union, and a new, mobile-based Trojan that is targeting on-line banking users.

Rudolph is scheduled to present to the next meeting of the Northwest Credit Union Association (NWCUA) Technology & Security Networking Council in SeaTac Sept. 17. Rudolph brings 20 years of strategic and tactical IT management experience, and is now a senior level IT consultant with NCA. Previously, Rudolph was chief information officer at a major Seattle credit union.

Rudolph plans to answer some important questions for credit unions including:

  • How common are security incidents?
  • How much does a breach cost?
  • Who are the primary perpetrators of cyber crime?
  • What is the timeline of a typical breach?
  • What are specific steps you can take to protect your members?
  • Is compliance enough to maintain information security?

“According to data, the financial industry is one of the best prepared against cyber attacks. In fact, I will cover this in my presentation,” Rudolph said. “What we need to focus on besides our preparation is how to continue to review logs, update servers and workstations, and stay current on patches, while working with fewer resources. In other words, we are being asked to do more with less, how do we achieve that? How can we deliver strategic IT improvements while continuing to do the routine tasks when we don’t have the time or budget to get it done? I have some ideas and suggestions that may work for credit unions.”

Registration for the Sept. 17 Technology & Security Council meeting at SeaTac is now open online.

 

Questions? Contact Lynn Heider: 503.350.2225, lheider@nwcua.org.

Posted in Events.