Free Cybersecurity Resources Available from the Cybersecurity & Infrastructure Security Agency

Resources from CISA are available to credit unions of all sizes to assess and improve their cybersecurity posture.

11/10/2020

The Washington State Division of Credit Unions sent out DCU Bulletin B-20-04 which provides an overview of several no cost resources available from the Cybersecurity & Infrastructure Agency. The CISA is a Division of the U.S. Department of Homeland Security. Credit unions are considered part of the critical infrastructure of the United States and the resources from the CISA are available to credit unions of all sizes to assess and improve their cybersecurity posture and identify operational strengths and weaknesses.

The following is a list of free services that are currently available from the CISA:

Vulnerability Scanning (Cyber Hygiene)

  • Scanning of Internet accessible systems for vulnerabilities on a near continuous basis.
  • Customers receive weekly reports that include current scan results, historic trends, and result comparisons to the national average.

Web Application Scanning

  • Evaluates a publicly accessible website for potential bugs and weak configurations to provide recommendations for mitigating web application security risks.

Phishing Campaign Assessments

  • Measures an organization’s propensity to click on email phishing lures.
  • Assessment results can be used to provide guidance and justify resources to defend against spear-phishing and increase user training and awareness.

Remote Penetration Testing

  • Simulates tactics and techniques of real-world adversaries to identify and validate exploitable pathways.
  • This service is ideal for testing perimeter defenses, the security of externally available applications, and the potential for exploitation of open source information

Please review the CISA website at for additional details on these services. You can download CISA’s cybersecurity essentials guide.

Question of the Week

Q. We have a member who has been appointed as a conservator over another member. She is asking if she is allowed to open more than one conservatorship account and what her bond amount is. What should we do?

A. Nothing in the conservatorship or guardianship statues limit the number of accounts which can be opened in her capacity as conservator. The amount of a conservator’s bond is set by the court. Additionally, the conservator should speak with either the court or an attorney to determine the best way to manage any accounts.

Related Links

ORS 125.410
RCW 11.88.100
IDS 15-5-411

Legal Briefs

National Credit Union Administration

NCUA Hosting Webinar on Fair Lending and Consumer Compliance Updates
On Tuesday, Nov. 17 at noon PST, the NCUA will be hosting a webinar which will focus on fair lending and consumer compliance topics.

Registration Open for Webinar on Consumer Financial Protection for Servicemembers
On Wednesday, Nov. 18 at 11 a.m. PST, the NCUA will be hosting a webinar on financial literacy and consumer protections for servicemembers.

Oregon OSHA

Oregon OSHA adopts temporary rule addressing COVID-19 in all workplaces
The Oregon OSHA has adopted a temporary rule that is intended to combat the spread of coronavirus in all workplaces by requiring employers to carry out a comprehensive set of measures. The rule will take effect on Nov. 16 and is expected to remain in effect until May 4, 2021.

Washington State Department of Financial Institutions Division of Credit Unions

Free Cybersecurity Hygiene Services & Resources Available from the Cybersecurity & Infrastructure Security Agency (CISA), a Division of the US Department of Homeland Security
The DCU released DCU Bulletin B-20-04 which provides information on several no cost resources available from the Cybersecurity & Infrastructure Security Agency. These resources are available to credit unions of all sizes to assess and improve their cybersecurity posture and identify operational strengths and weaknesses.

Office of Foreign Assets Control

OFAC has updated the SDN list as of Nov. 6. The last update prior to this was Oct. 29.

Questions? Contact the Compliance Hotline: 1.800.546.4465; [email protected].