WESTPORT, Conn.—A new report on how credit unions protect sensitive and confidential data indicates that most CUs do not think they have complete protection against insider threats.
The study from Awareness Technologies, conducted in partnership with the CUNA Strategic Services, revealed 77% of all CUs surveyed do not believe, or they are unsure if they have complete protection regarding internal data threats, but 62% have stated they already have security controls in place.
“These last two statistics are alarming because this would suggest that the overwhelming majority of credit unions surveyed do not believe they have enough protection regarding data threats that occur internally,” the study explained.
Eighty-three percent of the CUs surveyed acknowledged their biggest concern is confidential information being transferred to unauthorized recipients, while another 52% say they are worried about sensitive data being transferred by use of removable media, the report explained.
“The demand for insider threat protection is growing, but it’s often an expensive and demanding process,” said Michael Goldberg, VP of corporate marketing for Awareness Technology.
Late last year an NCUA examiner lost a flash drive that contained data on members from Palm Springs FCU in California.
Following that loss, NCUA formed a new team to investigate procedures and is mulling changes to data transfers. “The security of credit union members’ personally identifiable information is a top priority for NCUA,” the agency stated. “The agency takes its responsibilities in this area very seriously and expects credit unions to do likewise. NCUA is also committed to ensuring that the data shared in exams is protected at all times.”