IT Support and Hardware for Clinics
38.4K views | +0 today
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...!

Data breaches hit credit unions harder than big banks

Data breaches hit credit unions harder than big banks | IT Support and Hardware for Clinics |

Data breaches at retailers such as Target (NYSE: TGT), Home Depot (NYSE: HD), Staples (Nasdaq: SPLS) and others have a chilling effect on credit unions member services, said Credit Union National Association President and CEO Jim Nussle.

In town for the Western state credit union CEO meetings in Scottsdale, Nussle said that the cost of securing customers' privacy after those breaches has to be picked up by the nonprofit financial institutions.

"Data breaches are one of the two most important issues we want to bring to Congress' attention," Nussle said. "We have to pay first and then wait to see how we're going to get reimbursed. This needs to change for small organizations like credit unions and for community banks, too."

Nussle and Scott Earl, Mountain West Credit Union Association president and CEO, both agreed that the constituent impact is serious.

"I talked with a CEO of a credit union that had to reissue cards three times last year," said Nussle. "They must have had customers that shopped at Target, Home Depot and Jimmy John on the same day."

Earl said that the data breach issues is a serious cost.

"We're not seeing a way to recoup the costs in time and expense for dealing with the breaches to protect our members. Those costs come out of funds we can use to provide member services," he said.

In 2013, Desert Schools Credit Union had to reissue 40,000 ATM and credit cards after the Bashas' data breach, according to Vice President of Marketing Cathy Graham.

The cost was not just for replacement credit cards, but the big hit was the dollars in fradulent activity and the amount of reimbursement to members. Graham reported that Desert Schools became proactive, and deployed new technologies to monitor accounts. With these systems in place on an account-by-account basis, 2014 data breaches resulted in far fewer cards needing to be reissued.

CUNA, which represents 90 percent of the 6,700 U.S. credit unions, plans to take the issue to Congress and seek legislation to protect members' values.

Credit unions are also facing impacts from the Dodd-Frank legislation, said Nussle and Earl.

"Even though most credit unions are under the $10 billion threshold they still need to adapt the same kinds of record-keeping as large banks," said Earl. "This is especially true with mortgage paperwork. The volume of paperwork and the cost is astounding."

No comment yet.!

The Year of the Data Breach - HIPAA-HITECH Compliance Software & Consulting - Clearwater Compliance

As early as July, 2014 was already being called “The Year of the Data Breach”. Big brands like Home Depot and Target were the headliners, but they weren’t alone.  Retailers and financial institutions of all sizes were combating cyber crime after cyber crime. Meanwhile, the healthcare industry suffered its share of incidents as well. In fact, 2014 saw the U.S. Department of Health and Human Services’ database of major breach reports (those affecting 500 people or more) surpass 30.1 million people.

The good news is that 2014 is over. The bad news is that in 2015, things could get even worse.

It seems that 2014 was more of “a sign of things to come” than it was “a moment in time.” This rings especially true for those of us who are safeguarding protected health information.

We have entered an unprecedented era where cyber attacks are becoming more frequent and more sophisticated with every passing day.

In a recent 60 Minutes special, FireEye CEO David DeWalt estimated that 97 percent of companies are getting breached, with hundreds of thousands of attacks happening on a weekly basis across the globe.

Retailers, banks and others are consistently increasing their spending related to security. They are trying diligently to prevent attacks. But in today’s environment, DeWalt believes that breaches “are inevitable.”

The burden that breaches place on the economy, individual organizations and consumers is significant. Widespread compromises of data are driving $11 billion plus in fraud each year. Just as costly is the fact that we are teetering on a crisis of confidence. Can anyone really protect sensitive data?

Given all this, should we just waive the white flag and surrender?

Obviously, the answer is no. While breaches may indeed be “inevitable” at the macro level, there are absolutely things that can be done to reduce the amount of breaches that occur, and to give your organization a better chance of not being part of the statistics. What’s more, the eventual damage a breach causes is highly contingent upon how well you respond to it.

Consider this scary statistic. From the time a “bad guy” hacks into sensitive data, it typically takes 229 days for the breach to be detected. 229 days!

DeWalt argues, as do we, that trying to prevent a breach is only part of what your organization should be doing. A comprehensive approach means that you are assessing your risk of falling victim to a breach, identifying ways to mitigate that risk from coming to life and appropriately planning for how you will respond if you do experience a breach. In other words, how are you assessing and managing information risk within your organization?

The criminals eventually are going to find their way into organizations.

So, the task at hand if you’re among the unlucky ones is to make sure the bad guys don’t gain access to your most important information, that you identify breaches much more quickly and that you stop the criminals from leaving with valuable information. In short, limit the damage.

The plain truth is that the year ahead promises more of the same. A cybersecurity war is being waged, and your data is at the center of it. Make sure you are prepared for battle. If you haven’t done so already, I’d encourage you to download Clearwater’s whitepaper explaining our Information Risk Management Capability Advancement Model. It’s a free resource, and it offers an extensive framework for determining how well you are equipped to manage information risks, and what steps you should consider in the year ahead to strengthen your internal programs.

Here’s to hoping 2015 is a breach-free year for you!

No comment yet.