The credit union tech factor: As they boost their tech, they face increased cybersecurity issues

Total credit union membership hit 118.8 million in 2018, just over a third of the country’s population, according to credit union-focused insurance company CUNA Mutual Group.

Those numbers can be trumped easily by a single cybersecurity attack, as was learned in the massive 2017 breach of Equifax, in which hackers stole information of an estimated 147.7 million Americans, or almost half the country’s population.

There was a lesson in there for credit unions.

Like any organization operating in the digital age, credit unions have been presented with the daunting challenge of shielding themselves from cybersecurity risk. Here’s what they’re weighing today: 

  • With new tech comes new risk. Credit unions have had tremendous pressure placed on them to update their tech platforms in the way that financial service competitors (namely, banks) have been doing the past few years. This update could open the floodgates to potential, perhaps unforeseen, vulnerabilities. And comes at a time when regulators levy additional scrutiny on a credit union based on its threat profile, which can scale up with the addition of new digital options.
  • The attacks are bad enough to make you, well, wanna cry. Among the cybersecurity threats that are most feared today is ransomware. In one recent example, malicious software was paired with a hacker-discovered Windows vulnerability. The ransomware hack, referred to as WannaCry, devastated many institutions. The National Credit Union Administration has advised credit unions that these attacks will continue to be utilized, so bulwarks that might mitigate damage from it should be a priority.
  • Credit unions are sometimes just the last stop on the line. Credit unions want stricter standards put in place for retail businesses, too. How does something like a breach of a Walmart or Target affect credit unions? Every time it happens, those credit unions have to reissue a new batch of credit cards or debit cards to consumers that had their information potentially compromised. That’s not cheap, and it’s only becoming more costly with the prevalence of chip-based credit and debit cards. Credit union leaders say these are a lot more expensive to reissue than the older cards were. On top of that, credit unions get stuck with the bill if there is fraud. So, credit unions want merchants to have a stronger set of requirements for their security protocols.

Sources: New Jersey Credit Union League and the National Credit Union Administration