In past few years, financial institutions have been rocked by headlines about cybersecurity breaches and cybercriminals who have seriously compromised data held by banks, credit card companies, and credit report companies. One of the most recent high-profile attacks targeted Equifax, which may have exposed data of over 140 million people to hackers and anyone willing to pay for the information. Past cyber-attacks have targeted companies like Visa and Bank of America, while major companies in all sectors like Sony, Netflix, and even the UK’s NHS grab the headlines.
What too many credit unions believe is that these headlines mean cybercriminals are only out for the big fish. But cybercrime will strike wherever there’s money to be made. Credit unions look like easy targets to cybercriminals, with millions of dollars of assets and potentially fewer resources to invest in cybersecurity than major banks.
One of the biggest cybercriminal threats comes through boards of directors. Directors of credit unions are trusted with sensitive data and the financial information of their members. When they have to make lending decisions and analyze reports, they’re given highly sensitive data. Not only would a security breach of that data seriously damage a credit union’s reputation, there could also be regulatory consequences for failing to protect members’ information. While credit unions invest a lot in keeping their systems secure, it’s important to recognize that no security network is stronger than its weakest link. Often, the weak link is people and human error.
Phishing attacks, remote access trojans, and keystroke loggers are one of the biggest new trends in cybercrime designed to gain access to the networks of companies and financial institutions. These types of cybercrime are designed to get login credentials and they catch many companies by surprise by targeting human error. They use email and attachments to download malware onto a device, or even pose as clients, vendors, or IT support to get information from employees or directors.
One way to protect your board from cybercrimes such as phishing attacks, trojans, and keystroke loggers is to invest in a board portal. When many companies first moved from paper board books to electronic board books, some invested in early board portals, many of which offered superior security but at a high price, while others adopted free or inexpensive file sharing options like email, Google Docs, and Dropbox. The security weaknesses of these free options have since been exposed – email can be intercepted and it’s regularly used by imposters to conduct spearphishing attacks, while Google Docs does not recognize malware embedded in attachments.
Today, board portal companies like Aprio offer secure technology at a reasonable price. It gives administrators and executives a convenient way to electronically share sensitive board documents with peace of mind. When directors receive documents on Aprio Boardroom, they can access them online or offline and receive email notifications that take them directly to the portal. However, documents always remain in the portal, where they are secure and not subject to outside threats. Every user who logs in is authenticated for additional security protection. Board portal software has the power to protect credit union boards from cybersecurity and breaches caused by human error.
Featured Image by Shutterstock