Protecting Your Credit Union from Cyber & Data Breach — A Greater Challenge in 2015

by Jim McCabe
Protecting Your Credit Union from Cyber & Data Breach — A Greater Challenge in 2015

Protecting your members and your credit union from cyber-attacks will be a greater challenge in 2015.  With the New Year upon us, the forecast for 2015 indicates a significant increase in the number data breach events affecting consumers and your members.

As threats continue to rise, credit unions are searching for ways to reduce their cyber and data breach risks, while also improving member service and retention.

One of the payment industry solutions ready for roll-out in 2015 is the new, much discussed EMV Chip card technology.  These cards are intended to improve security for credit card usage with its new built-in chip that replaces the old school, and less secure magnetic stripe.  Visa and MasterCard are expecting to make this chip technology available to retailers and card issuers by October 2015.  Both companies believe that these cards will make it safer for consumers to “get back into the water” of credit card retail purchases.

Unfortunately, these EMV Chip cards may not protect consumers as well as originally expected.  The recent CUNA Tech Council White Paper has revealed some levels of concern during the upcoming roll-out period that clearly states members need to be suspicious of increased phishing attacks.  Card-Not-Present fraud could also increase, based on feedback from initial test market rollouts of these cards in the U.S. in 2014.   This Card-Not-Present fraud type was highlighted in an article from idinsightAccording to KrebsonSecurity, New-Account Fraud and Account-Takeover Fraud are expected to be an “increased threat” with the new EMV Chip cards as well. reveals still more unsettling news about EMV cards. Introduced in Europe over the past several years, thieves and technically savvy criminals have discovered new methods of gaining access to chip cards. Once believed to be an important step towards better protecting consumers and to combat fraud, these cards are indeed at risk, revealing warning signs that can’t be disregarded.

Fraud experts generally agree that today’s cyber criminals are highly sophisticated and anticipate the actions of those who try to prevent data breach and ID theft activity.  Just a few years ago the then-Cyber Chief of the FBI, Shawn Henry, was quoted about protective measures against fraud, saying, “You never get ahead, never become secure, never have a reasonable expectation of privacy or security…”  So what is the best precaution lending institutions have from the growing threat of ID theft and data breach? The answer lies within the acceptance of the fact that it’s not a matter of IF breaches or ID theft will happen to you, it’s a matter of WHEN. And, what your plan is WHEN it happens.

Simply incorporating basic compliance procedures, monitoring services, and preventative policies aren’t enough to ensure your credit unions’ and its member’s true protection.  Credit unions must incorporate a strategy that includes best of breed solutions for business breach and ID theft restoration & recovery services.   Implementing recovery services that create a safety net in the event of a breach are necessary for fully protecting both credit union and member, while also providing the ability to improve overall member service and retention.


About the Author

Jim McCabe
Jim McCabe is the Senior Vice President, Identity Theft Services, for Vero, a CU Direct company