Cybersecurity Awareness Month: Confronting the Scariest Threats to Your Credit Union


October is National Cybersecurity Awareness Month which means it’s an excellent time to make sure there aren’t any unseen forces within your credit union that have nefarious plans for your members’ money.

Earlier this year, Wired Magazine wrote about the biggest cybersecurity threats for 2015. Three of these are indeed scary prospects for the credit union industry, but the key is to make sure you are doing everything you can to prevent these scenarios:

  • Data Destruction: Malware exists that erases data and boot records, so it is vitally important to make sure you have an excellent data backup plan.
  • Bank Card Breaches: This is a threat that isn’t going away any time soon, so it is important to be moving towards tokenization technologies to prevent this. NAFCU has partnered with MasterCard to help credit unions move towards this. For more information you can check out this webinar from earlier this year here.
  • Third Party Breaches: The data breach at Target stores is an excellent example of why you need a strong Third Party Risk Management Plan. For more information on this, check our recent webinar or blog posts here or here.

The costs of cyber threats are no joke to financial institutions big or small. According to the National Small Business Association, 44 percent of small businesses have been the victims of a cyber-attack. Clearly, it is worth the investment to review how sound your security is. The following tips from the Department of Homeland Security are an excellent place to start.

Cyberattack Prevention Tips and Practices

  • Have a plan. According to, 59% of small and medium size businesses in the United States do not have a plan that outlines procedures for responding and reporting data breach losses.  A number of these plans are covered in various compliance frameworks that may already exist, but as shelf ware.  If this describes you, now is the time to formulate both short and long term plans.
  • Utilize the latest software. Make sure you have antivirus and antispywear and update it regularly.
  • Educate. Make sure that all of your employees are aware Cybersecurity_KCGof cyber threats and educate them on the steps they must take to help combat these attacks.
  • Invest in data loss protection software, use encryption technologies to protect data in transit, and use two-factor authentication where possible.
  • Passwords. Use strong passwords throughout your organization and have employees change them regularly.

Who Should You Call?

What should you do if you’re unsure if your organization is prepared to navigate this threat landscape? If you are not sure where your cyber security threats may lie or even where you should be looking, consider going to an outside vendor. NAFCU and Knowledge Consulting Group (KCG) have partnered to provide comprehensive cybersecurity solutions.

KCG provides expert services in penetration testing and cybersecurity advisory services. Their tests offer simulation of potential attack vectors and scenarios most likely to impact the overall credit union environment, from IT systems to social engineering. They provide risk management, governance, operations, and compliance services to help credit unions navigate the complexities of the evolving cybersecurity landscape.

So take an inventory of your practices, make a plan, and evaluate where your weak spots are.

Knowledge Consulting Group is a subsidiary of ManTech International. For more detailed information on penetration testing or cybersecurity advisory services, visit KCG’s preferred partner page.

Best of NAFCU’s 48th Annual Conference and Solutions Expo (Video and Educational Highlights)

Credit union leaders from around the country gathered to network and discuss the most pressing issues impacting the industry during NAFCU’s 48th Annual Conference and Solutions Expo in Montreal, Canada. The conference was NAFCU’s largest event in nearly a decade.

Here’s a quick video of some highlights from this year’s conference:

During the conference, attendees heard from NAFCU management and leading industry professionals that included keynote conference speakers such as Founder and CEO Jeremy Gutsche, and MasterCard’s General Counsel and Chief Franchise Officer Tim Murphy.

Solutions Expo at the NAFCU 48th Annual ConferenceThis year’s conference included the annual Solutions Expo, spotlighting the latest technologies, applications, and resources available to help improve credit union operations.

Our Preferred Partners exhibited during the conference and shared their thought leadership, innovations, and solutions during educational sessions throughout the conference.

The complete list of sessions and available presentation slides are available on Here’s a quick listing of key topics presented during the conference to help your credit union grow, retain members, manage risks, protect members, and improve overall operations:

Topic Category Presentation Title Preferred Partner
Growth & Retention Building A Strong Payments Strategy Vantiv
Health Savings Accounts, IRAs and Millennials: A New Generation Presents New Opportunities  Ascensus
Using Credit Scores to Grow and Engage Membership VantageScore
Why Your Credit Union Should Offer Wealth Management Services to All Members Money Concepts
Risk & Security A Deep Dive Into EMV Implementation MasterCard
Cybersecurity Risk Mitigation: Protect Your Member Data Knowledge Consulting Group (KCG)
Top Ten Fraud Risks That Impact Your Financial Institution Allied Solutions
Uncovering the Faces of Fraud Q2
Using Moneyball Tactics and Risk Rating Assessment Models Wolters Kluwer Financial Services
Financial & Insurance Trends in the Retirement Plan Industry Pentegra Retirement Services

Thanks again to the 2015 Annual Conference signature sponsor MasterCard, our 5-star preferred partner sponsors Allied Solutions and Vantiv, and all of our partner sponsors, exhibitors, and speakers.

We’re looking forward to seeing you all at NAFCU’s 49th Annual Conference and Solutions Expo in Nashville (Music City) next year! Get more information, sign-up for updates on the latest conference details, and register by visiting