By Roberto Endrizzi
As consumers’ dynamic needs continue to perpetually evolve, financial institutions have strong incentives to be the first movers in offering the latest and greatest technological products and services. While this can be an effective strategy in attracting consumer business, it can also be extremely dangerous if the integration process is not tactically and strategically thought out and implemented.
Fortunately, credit unions have shown a distinct proclivity of methodically and effectively introducing technology to their employees and members. Nonetheless, credit unions should adopt a formal approach and framework for integrating new technology into their institution.
The following principles can serve as a foundation to successfully and safely integrate new, innovative technologies into your credit union.
Think Like a Cybercriminal
When crafting technology integration strategies, IT teams should actively identify what data cyber criminals would most likely attempt to steal as well as areas of vulnerability that cyber criminals could use to obtain such data. It is critical that credit unions leave no stone unturned in determining where and how cybercriminals will attempt to infiltrate their institution.
Prioritize Internal and External Threats
On a daily basis, credit unions face momentous internal and external cyber security threats. Nevertheless, many financial institutions make a calculated misstep by prioritizing prevention of either internal or external threats. This can be a fatal mistake that leaves institutions exposed to a plethora of cyber dangers. At all times, credit union IT teams must be cognizant of maintaining an achievable balance between both internal and external threats.
Train your employees
From clicking on a phishing email to not securing a password properly, humans are fraught with potential cyber security weaknesses. In fact, according toWillis Towers Watson’s Cyber Risk Culture Survey, 90 percent of all cyberinsurance claimsare “the result of some type of human error or behavior.”
Credit unions have a duty to their members, employees and institution to establish a comprehensive cyber security training program that emphasizes real-world threats. The trainings should include scenarios that could occur during the integration of new technology at a credit union, and they should be held frequently to keep employees abreast of the latest threats and what they should be on the lookout for.
This is especially true while onboarding employees, when credit unions have to bring new hires up to speed quickly on the security protocols of their institution. There can be no weak links when trying to uphold the highest level of cyber security.
Moving beyond one-off trainings, credit unions must build cultures that prioritize learning and security. Credit unions’ IT staff as well as other employees should be afforded continued learning opportunities to familiarize themselves with the latest cybersecurity threats and solutions. A learning culture is critical to minimizing the likelihood of successful cyber-attacks during increased vulnerability periods such as the integration of new technology.
As cyber threats continue to increase, credit unions must have comprehensive approaches in place to handle potential intrusions. By building a foundation with the above principles, credit unions will significantly reduce the chances of cyber criminals successfully infiltrating their institutions during vulnerable time periods.
Roberto Endrizzi is Chief Technology Architect at DEDAGROUP ICT Network’s International Division. DEDAGROUP is majority owner of EPL, Inc. Mr. Endrizzi can be contacted at firstname.lastname@example.org .