Everybody is talking about cybersecurity: People are more afraid of having their bank accounts hacked or payment cards cloned than they are of getting a serious illness or being burglarized, according to a survey of more than 12,000 consumers by HSBC. Meanwhile, in the wake of the Equifax breach, research from the Identity Theft Resource Center and CyberScout shows that consumer trust is eroding. Nearly half of consumers surveyed said they were confused about what to do after learning their data had been compromised. Three-quarters of respondents reported feeling frustrated and annoyed, angry or anxious. Only 11.5 percent said they felt confident that they would be O.K., even after receiving credit or identity monitoring services.
In a world where data security is so closely connected with trust, cybersecurity is critical to your success. This is why CO-OP is laser-focused on this issue, and why so much of our investment today is rooted in developing the talent and technology needed to protect your valuable member and account data and maintain your members’ trust.
Cybersecurity across the enterprise
Security isn’t a new priority for CO-OP. Because this challenge is so vital, it has always been our focus. But new challenges with cybersecurity call for new approaches. And recently, the frequency, pervasiveness and scale of cybercrime has been astonishing:
- The recent Equifax breach compromised a staggering 145 million records.
- Yahoo announced recently that virtually all 3 billion of its accounts were affected in a 2013 breach.
- 43 percent of financial services companies surveyed by PwC in 2016 suffered a phishing attack. Phishing was the number one vector of cyberattack in 2016.
- Last fall, an army of compromised IoT devices carried out a large-scale DDoS attack.
- On May 12, 2017, WannaCry ransomware infected roughly 230,000 computers in 150 countries. This was less than six months ago and it already feels like old news.
In this environment, cybersecurity can’t be a departmental concern: It’s an enterprise-wide mission. Among the key moves we’ve made this year is to build out a team of experts to manage CO-OP’s data infrastructure and internal processes to help ensure the security of our data and yours. Among these key arrivals are Paul Love, Chief Information Security Officer, reporting to Kari Wilfong, CFO/CAO; and Matthew Maguire, Chief Data Officer, reporting to Nick Calcanes, Chief Information Officer, who also joined CO-OP earlier this year.
We are complementing our information security upgrades with new machine learning technology to detect fraud on behalf of you and your members. Machine learning gives us the speed, accuracy, capacity and computational power to make sense of large pools of data. It’s a critical tool in this era of cybercrime.
In addition, we’re leveraging our expertise to build the best security processes and features into everything we do. For example, by the end of the year we will roll out MyCO-OP, a new client portal that will provide credit unions with secure, universal access to CO-OP applications through a single, highly intuitive user interface. Improving our client experience was our primary focus in developing MyCO-OP. But we’ve also been driven to build in the best security to support that enhanced experience. MyCO-OP is not only streamlined and easy to use, but also PCI compliant, with multifactor authentication and Identity as a Service (IDaaS) security features designed in.
Sharing our expertise is one of the ways we hope to help our clients and the credit union community raise awareness – and effectiveness – around cybersecurity. Through thought leadership, industry news and even one-on-one consultation, we want to work together with you to track trends, share information and maximize the security of your data.
If you haven’t already, I invite you to check out what Paul Love has had to say this month on preparing a response to an Equifax-style breach, protecting your members’ trust, and attending the nation’s foremost hacking conference.
We’re not just safeguarding our members’ information and assets, but also their hard-earned trust. Financial institutions operate in a world of threat and risk today. Credit unions aren’t immune to those risks, but our industry does have a significant advantage in the area of trust. Our member-centric values and collaborative spirit have always set us apart. At a time when cybersecurity awareness can translate into frustration, annoyance, anger or anxiety, that differentiation is gold. When we match our good intentions with constant improvement and action, we secure a valued place in our members’ financial lives. That’s an asset worth protecting.