A year has passed since the infamous Equifax breach led to 140 million Americans having their financial information stolen by hackers. In 2017 financial services firms fell victim to 3 times as many cybersecurity attacks as other businesses. Consumers are now more worried about being victims of identity theft than they are about becoming seriously ill, being in a car accident or having their home robbed.
As the need for better cybersecurity intensifies, how have credit unions and other financial institutions responded? Educating staff and members about the importance of cybersecurity practices has become a priority. Improved security technology – and better digital technology overall – has helped create a more secure data environment. As Congress considers new cybersecurity regulations, credit unions are in turn considering the value of new approaches: new authentication methods, stronger security processes and maybe even products like identity protection.
In the year since the Equifax breach happened, some would say financial firms have done too little to respond to the escalating threat of cyberattacks. Others might note that the needle has moved, both for financial institutions and their members. We’re in a race against sophisticated and relentless criminals who are disproportionately targeting our data. It’s a tough race, but we’re running.
Here are five industry stories that describe how credit unions and consumers have addressed cybersecurity issues in the year after the Equifax breach.
Cybersecurity Report Card Shows Rising Grades Across Industries
An annual survey by Seattle-based DomainTools revealed growing confidence among security professionals, whose organizations are investing in automated processes, threat intelligence solutions and a commitment to company-wide training. Self-assigned report card grades improved in 2018, with 21 percent of respondents giving their programs an “A,” and 42 percent rating their work at a “B.” The percentage graded “C” or worse also declined.
House Data Security Plan Omits Key Credit Union Priority
The House Financial Services Committee marked up data security legislation designed to help protect consumer data across different industries. However, the bill fails to address a major credit union priority: It does not set a strict consumer data breach notification standard for retailers. “Chairman Luetkemeyer’s bill is a good first step, and it ensures all financial regulators establish uniform breach notification standards for all regulated financial entities similar to what is already in place for credit unions, while providing credit unions a clear preemption from state laws on data protection and notification standards,” Brad Thaler, NAFCU’s vice president of legislative affairs, said. “However, NAFCU will continue to work to ensure consumers are fully protected across the board, as we strongly support a universal data security standard covering merchants and retailers as well.”
New Data: Why Bank Customers Prefer Convenience over Security
Although consumers are aware of and concerned about data security issues, user experience still trumps safety for most. Of consumers surveyed by Socure and PYMNTS, 54 percent of those aged 25 to 34 prefer fast authentication processes and 67 percent who have used facial recognition authentication prefer it for its security.
Is Data Privacy a Key Concern as Financial Firms Move Businesses to the Cloud?
Financial services firms are investing substantially in moving their data to the public cloud. Yet, in doing so, relatively few see data security and privacy as an inhibiting factor. A full 82 percent of senior technologists and market data managers surveyed by Thomson Reuters believed the need for greater security would be a positive driver towards the adoption of the public cloud, but only 12 percent believed it was a factor inhibiting cloud adoption. That said, the top three concerns respondents had: data residency (24 percent), data privacy (19 percent) and losing control over data (18 percent).
Consumers’ Data Privacy Fears May Hurt Fintechs, Help Banks
Research from The Clearing House uncovers a potential opportunity for credit unions to educate members about the privacy compromises they make when they use third-party apps to manage their money. Nearly 90 percent of consumers are concerned about data privacy and data sharing, with 56 percent expressing an interest in retaining control over how their data is used and shared.
Whether it’s card-skimming, jackpotting or an enterprise-wide data breach, fraud never stops. Don’t miss the next Fraudbuzz Webinar on September 20 at 11am PT, where we’ll discuss the latest threats your credit union should know about and how to mitigate them.