July 24, 2014

Olcott at A.C.: Cyber risk is a business risk

July 25, 2014 – Jake Olcott, principal at Good Harbor Security Risk Management, discussed three areas critical to improving cybersecurity on Thursday, including corporate governance, building a secure culture and crisis management during NAFCU's Annual Conference.

Olcott explained that there are four main motivations for cyber attacks:

  • financial gain;
  • political statement ("hacktivism");
  • competitive advantage (espionage); and
  • warfare.

He also explained the results and damage caused by a cyber attack, including competitive harm, financial loss, reputational harm and loss of privacy.

Olcott walked session attendees through several case studies involving cyber attacks and what they can learn from them and take back to their own credit unions.

One case study Olcott discussed was the Target data breach that occurred late last year. "We can take a lot of money to protect ourselves on the outside, but what happens when someone comes in from the inside?" he asked, referring to fact that the Target breach occurred through a third-party vendor.

Olcott encouraged credit union attendees to develop a cyber risk training and awareness program for employees and executives to create a culture of cybersecurity.

Among other sessions on Thursday:

  • Insuritas President and CEO Jeffrey Chesky led a session on online banking and transforming credit union websites into a fee-income e-commerce machine. Chesky walked credit union attendees through how to enhance their websites and give their members a better online banking experience.
  • Affinion Group Executive Vice President Ron Zickert led a session revealing survey results on how insurance products can boost credit union loyalty. The survey studied consumer attitudes and behaviors, and revealed a link between insurance products and member loyalty.