Trusted News for Credit Union Leaders

Credit Union Times

SEPTEMBER 26, 2018 | VOL. 29 | NO. 33 | CUTIMES.COM

Must Reads

CYBERSECURITY
Five Threats to Business
In today’s increasingly digital
world, the primary threats that
aim to disrupt your business and
your clients’ business can come
from a variety of sources and ma-
licious applications. Below are
the five biggest cyber threats I’ve
identified from my work on Rela-
tivityOne that could impact your
business along with how you can
protect yourself from each.

Agencies
Attempt
to Rein In
Guidance
REGULATIONS

DAVID BAUMANN

dbaumann@cutimes.com

1. Phishing

Phishing is arguably the most important threat vector to worry about. Your people are already inside your perimeter, behind your firewall and have access to your resources and protected assets. This is why phishing attacks are the way most malware gets into organizations – through a download because an internal user clicked on a link or attachment in a phishing email. Wombat Security has said that 76% of businesses have been a victim of a phishing attack within the last year and SANS Institute reported that 95% of all attacks on enterprise networks are the result of successful spear phishing.

FOCUSREPORT: MORTGAGE LENDING The dream of homeownership has eluded many Americans, especially since the Great Recession. Learn how one credit union is making that dream come true for low-income members in one of the nation’s most expensive housing markets in this Focus Report. Y6

rule is a rule and guid- ance is, well … not a rule. That’s the word from the federal financial regulatory agencies, who this month are pledging that they will not treat guidance as if it were a rule.

“Unlike a law or regulation, supervisory guidance does not have the force and effect of law, and the agencies do not take enforcement actions based on supervisory guidance,” the CFPB and five prudential agencies, including the NCUA, said in a statement issued on Sept. 11.

MOBILE BANKING

Members Positive About Texting

ROY URRICO

rurrico@cutimes.com

Training on how to detect a phishing email remains the best defense but it isn’t a one-and-done approach. Training needs to be repeated multiple times per year, and it is recommended that you phish your own people at regular intervals to spot check and provide constructive feedback. Verizon has reported that 30% of phishing mes- Y 14

igital challenges for credit unions include boosting online engagement, helping visitors evaluate offerings and driving qualified leads to their connected applications – all while satisfying member expectations for a better experience.

service tech solutions built to enhance the digital experience with credit unions: Lead-Gen Bots, interactive tools that track and engage consumers shopping for loans; and the Elle text messaging platform, an end-to-end member engagement vehicle that integrates with new membership and loan applications, and provides live chat for tracking.

banking IT infrastructure, helping
provide a smooth omnichannel
integration across
the web, mobile,
SMS, email and
Facebook.
Joseariel Gomez,
CEO at Shastic, said,
“When it comes to
credit unions, we
consider ourselves
specialists. As a
trusted technology vendor, Shastic
has worked with hundreds
Gomez

The agencies are seeking to assure financial institutions that they do not take enforcement actions based on guidance that they issue.

Credit unions and members of Congress have criticized agencies for regulating through guidance that does not have to go through the regulatory process, which includes public comment.

The Berkeley, Calif.-based Shastic has two software-as-a-

Many credit unions use both products because they connect with one another and into existing

Y 16

In one celebrated case, the CFPB issued auto sales guidance, which the Government Accountability Office said, in an opinion requested by Sen. Pat Toomey (R-Pa.), should have gone through the regulatory process. That Y 17