There was a lot of chatter at ACUC about Jay Isaacson's presentation about "Cyber and Data Security Losses." He talked about the "significant dollar losses and reputational damage done to companies.
According to the 2014 Verizon Data Breach Investigation Report, there were 1,367 data breaches in 2013 - 465 of those were in the financial industry. Isaacson said, "Network security is only as strong at the weakest link."
He asks credit unions to try and answer these questions when it comes to responding to a cyber-attack:
- Does your credit union have an Incident/Breach Response Plan?
- Does your credit union regularly review the controls and security of 3rd parties housing your data?
- Does your credit union have mechanisms in place to detect and react to potential Denial of Service (DDoS) attacks?"
The question is, what's the first thing you'd do if you found out there had been a data breach at your credit union?