October is Cybersecurity Awareness Month and the League of Southeastern Credit Unions & Affiliates (LSCU & Affiliates) is working to ensure you are protected from bad actors – no matter where you are.
Credit unions face significant financial loss when a cyberattack occurs. Cybercriminals often rely on human error such as employees failing to install software patches or clicking on malicious links as a way to gain access to sensitive information. From the head of an organization to the newest employee, cybersecurity requires the vigilance of everyone to keep data, members, and finances safe and secure.
Know Your Cyber Basics
Treat business information as personal information. Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.
Don’t make passwords easy to guess. As “smart” or data-driven technology evolves, it is important to remember that security measures only work if employees use them correctly. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers, and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches.
Stay up to date. Keep your software updated to the latest version available as per your credit union’s guidelines. Talk to your IT team about turning on automatic updates, so you don’t have to think about it, and set your security software to run regular scans.
Follow your company’s social media policies. Employees should avoid oversharing on social media and should not conduct official business, exchange payment, or share PII on social media platforms.
Don’t trust the sender immediately. Data breaches can occur even without a cybercriminal hacking into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt, or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links, and delete suspicious messages after reporting or forwarding to a supervisor, so that any necessary organizational updates, alerts, or changes can be put into place.