Newsroom

NAFCU is staying close to lawmakers as House and Senate leaders debate the issue of cyber security in the wake of several high-profile data breaches and in anticipation of a presidential executive order addressing it.

S. 21, introduced last week, expresses the "sense of the Congress" on cyber security and calls for strengthening protections for both public and private sector computer networks; improving information sharing between the private sector and government; and developing a public-private partnership to defend against cyber attacks. NAFCU is continuing to push for measures that, among other things, would require national standards for data security, impose liability if such standards are not met and require immediate breach notification to financial institutions and their account holders.

NAFCU lobbyists said S. 21 is aimed at conveying Congress' sense of what President Obama should include in an executive order, which is expected to come soon. Various reports indicate the president is considering the establishment of a voluntary system that would allow companies to choose to share sensitive information to help protect critical infrastructure.

‘Gozi' charges lodged

The bill was released on the heels of a report last Wednesday that federal authorities have charged three alleged hackers for using the "Gozi" Trojan horse virus to steal millions of dollars from financial institutions around the world. In a statement announcing the charges, U.S. Attorney Preet Bharara said the incident "should serve as a wake-up call to banks and consumers alike, because cybercrime remains one of the greatest threats we face, and it is not going away any time soon."

NAFCU is urging all credit unions to take cyber threats seriously and take the appropriate steps to be prepared.

Tech/Sec conference spotlights key threats

To that end, the latest on cyber security issues for credit unions will be a key focus of NAFCU's Technology and Security Conference next month in Austin, Texas. Over three days, the conference will give credit unions the latest on how to detect, prevent and respond to social engineering and cyber crime, social media and other online threats, ensuring system continuity and more.

Among the educational sessions are "Detecting, Preventing and Responding to Social Engineering and Cyber Crime," which will be led by Tyler Leet of ATTUS Technologies, and "Social Media and Online Threats: A Case Study of Online Impersonation," which will be led by Greg Ogorek of Cyveillance. Both sessions will include discussion about the most recent security threats. Descriptions of all the conference sessions are online.

Space is still available for those who want to register today. (Credit unions can also receive $100 off any 2013 NAFCU conference if they register by Thursday; use coupon code NEWYEAR).

• NAFCU issue brief, data security
• NAFCU Technology and Security Conference
• "Gozi Virus Creators Charged by the FBI with Stealing Millions from Online Bank Customers,"Huffington Post, 1/23