NAFCU supports enhanced data security protections under safeguards proposal
NAFCU's Andrew Morris shared the association's support of the Federal Trade Commission's (FTC) efforts to modernize its Safeguards Rule in a letter sent Friday. The proposed amendments would amend the FTC's implementation of the Gramm-Leach Bliley Act's (GLBA) safeguards provisions by aligning data security standards for nonbank financial companies more closely with those already established by prudential regulators.
"Although federally-insured credit unions are not subject to the FTC's Safeguards Rule, they follow regulations and guidance promulgated by the National Credit Union Administration (NCUA) and the Federal Financial Institutions Examination Council (FFIEC)," wrote Morris, NAFCU's senior counsel for research and policy. "Given the severity and extent of recent data breaches at financial companies subject to the FTC's jurisdiction and Safeguards Rule, such as Equifax, it is imperative to adopt more comprehensive security requirements."
Morris acknowledged that the proposed incident response plan is an improvement in regards to cyber hygiene, but recommended that the FTC consider additional reporting and notification requirements to "ensure that security breaches can be contained and mitigated as quickly as possible."
"NAFCU considers mandatory reporting and disclosure essential in any federal data security standard and has, for many years, advocated for legislation that would hold merchants and other entities handling financial information accountable for the consequences of data breaches," Morris said.
NAFCU also sought clarification of the applicability of the Safeguards Rule to accommodate existing regulatory frameworks for data security.
NAFCU has long been active with lawmakers on the issue of data security and was the first group after the massive 2013 Target data breach to call for a legislative solution to reform the nation's data security system. The association has cybersecurity compliance resources available online.
Add to Calendar 2020-01-15 14:00:00 2020-01-15 14:00:00 Cybersecurity Threats in 2020 As credit unions mature their cybersecurity defenses and refine their detection and response programs, hackers continue to find new ways to penetrate their systems. In this webinar, we will explore the latest developments in cybersecurity attacks and how they impact a credit union’s operations and their members. We’ll also discuss the latest in ransomware, social engineering, distributed denial of service and attacker profiles and motivations. Attendees will gain an understanding of the current cybersecurity threat landscape through the analysis of case studies and examples of public disclosures. Key Takeaways Understand the latest threat developments Learn where credit unions can focus valuable risk mitigation resources Develop and refine a framework of knowledge to plan future security efforts Purchase Now$295 Members | $395 Nonmembers (Additional $50 for CD)One registration gives your entire credit union access to the on-demand recording until January 15, 2021.Already registered? Go to the Online Training Center to view live. Who Should Attend? NAFCU Certified Bank Secrecy Officers (NCBSOs) NAFCU Certified Compliance Officers (NCCOs) NAFCU Certified Risk Managers (NCRMs) Chief Executive Officers, Chief Financial Officers and Chief Operating Officers Compliance staff Risk staff IT staff BSA staff Education Credits NCCOs will receive 1.5 CEUs for participating in this webinar. NCRMs will receive 1.5 CEUs for participating in this webinar. NCBSOs will receive 1.5 CEUs for participating in this webinar. CPA credit information is below; recommended 1.5 CPE credits. CPA Certification Credit Information Reviewer: Josie Collins, Education Manager, NAFCU Learning Objectives: Understand the latest threat developments. Learn where credit unions can focus valuable risk mitigation resources. Develop and refine a framework of knowledge to plan future security efforts. Program Level: Basic Prerequisites Needed: None Advance Preparation Needed: None Delivery Method: Group Internet-Based Recommended CPE Credits: 1.5 credits Recommended Field of Study: Information Technology - Technical National Association of Federal Credit Unions (NAFCU) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. Learn more. About Our Webinars Our webinars are streamed live from NAFCU headquarters near Washington, D.C. Your audio/video feed of the presenters includes presentation slides and downloadable handouts. You can easily submit your questions to the presenters at any time during the live broadcast, with no dialing over the phone! The audio and video stream directly through your computer. Web NAFCU firstname.lastname@example.org America/New_York public
Credits: NCCO, NCRM, NCBSO, CPE
Get daily updates.
Subscribe to NAFCU today.