Newsroom
September 12, 2014
Gerety: 'Cybersecurity doesn't have to be complicated'
Treasury Department Acting Assistant Secretary for Financial Institutions Amias Gerety discussed the rising number of cybersecurity threats facing credit unions at NAFCU's 2014 Congressional Caucus Friday.
"It seems that each new week brings a new report" about data security breaches, Gerety said, adding that Treasury is working to combat malicious actors targeting U.S. critical infrastructure via financial services. "These actors only need to penetrate one vulnerability, whereas we need to protect our entire system."
Gerety said he believed government and credit union interests "are truly aligned" with regard to collaborating on cybersecurity. He promoted the voluntary National Institute of Standards and Technology (NIST) framework for reducing risks to critical infrastructure. The framework is based on five basic steps: identify treats, protect against them, detect them, respond to them, and recover from them.
"Improving your cybersecurity doesn't have to be complicated – it starts with a conversation," he said, explaining that, because many cyberattacks are opportunistic and may arise from an employee simply clicking on an unsafe link, all employees at a credit union should be aware of the necessary precautions.
After his remarks, Gerety also made time to speak with credit union leaders at the conference. NAFCU will continue to work with Gerety and his department to create additional resources for credit unions to assist in creating cybersecurity programs and processes.
"It seems that each new week brings a new report" about data security breaches, Gerety said, adding that Treasury is working to combat malicious actors targeting U.S. critical infrastructure via financial services. "These actors only need to penetrate one vulnerability, whereas we need to protect our entire system."
Gerety said he believed government and credit union interests "are truly aligned" with regard to collaborating on cybersecurity. He promoted the voluntary National Institute of Standards and Technology (NIST) framework for reducing risks to critical infrastructure. The framework is based on five basic steps: identify treats, protect against them, detect them, respond to them, and recover from them.
"Improving your cybersecurity doesn't have to be complicated – it starts with a conversation," he said, explaining that, because many cyberattacks are opportunistic and may arise from an employee simply clicking on an unsafe link, all employees at a credit union should be aware of the necessary precautions.
After his remarks, Gerety also made time to speak with credit union leaders at the conference. NAFCU will continue to work with Gerety and his department to create additional resources for credit unions to assist in creating cybersecurity programs and processes.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.