NAFCU Services Blog

Jan 22, 2021 by DefenseStorm

What Cyberattacks Are Really Costing Your Credit Union

By Steve Soukup, CEO, DefenseStorm 

InfographicCredit unions have been spurred to accelerate their move toward digital platforms and services after coronavirus, making the member experience more seamless than ever. With the increased use of technology, however, comes the ever-present risk of cyber vulnerabilities. In early 2020, VMWare’s Carbon Black group saw “attacks on banks and other financial institutions spiking by 38% between February and March to account for 52% of all attacks observed.” Still, executives don’t seem overly concerned.

The increasing threats are leading to increasing cybersecurity budgets. In fact, the financial services industry has the most expensive cybersecurity costs per employee at $1,436, according to a survey by Kapersky Labs. That’s more than the utilities and telecom/IT industries at $1,344 and $1,258, respectively.

Lost productivity can be significant. For every cyberattack a credit union faces, employees are distracted from other technology and service projects to resolve the problems caused by a breach. Employees are forced to deal with the consequences of the cyberattack, and productivity screeches to a halt.

Operational costs can be obvious. When credit cards or account numbers are stolen, it falls to the credit union to issue replacement cards to members. Additionally, depending upon who’s most compliant in the EMV security, the credit union may be required to refund the account any funds lost due to fraudulent transactions. Other fraud-related losses credit unions face regularly include investigating Reg E disputes and wire fraud.

The biggest potential expense is the hit to a credit union’s reputation resulting from a breach. If members’ money isn’t safe with you, they will take their business somewhere else. Credit unions need to implement strong security measures.

So why aren’t financial institution executives more concerned about cybersecurity? The primary reason is a false sense of security. They have ensured their credit union’s cybersecurity systems are up-to-date and in compliance with regulations; but as technology rapidly evolves, criminals find new ways to hack into systems. In the modern digital world, it’s more critical than ever for credit unions to remain vigilant and updated on the latest cybersecurity threats. If you are lucky, you won’t know you’re being attacked until it happens. Many breaches aren’t detected until months after threat actors gain access, so every step taken toward prevention is one less attack to worry about.

To learn more, download our whitepaper, "The Impact of the Cloud: Risks and Opportunities for Your Financial Institution."


About the Author