Credit Union cybersecurity is becoming increasingly important. It seems like almost every day we read about a new data breach or organization becoming the victim of a ransomware attack. In fact, according to Beazley Breach Response, there was a 105% increase in ransomware attacks in Q1 2019 and an increase of 93% in the average ransom demanded or paid. Given the current threat environment, it is crucial that Credit Unions have a strong, tested incident response plan ready if the worst should happen.
During an information security incident, or cyber-attack, stress levels can run high and the event can move quickly. It is crucial the Incident Response plan be as detailed as possible on what steps to take, who to contact, and also include what not to do. Responding to a security incident is different than recovering from an incident such as a hardware failure. Taking the wrong action can destroy evidence that identifies the vector of the attack or aid in legal proceedings against the malicious actor. Your Incident Response Plan should contain the following:
- A process for identifying and categorizing an incident
- A clearly defined Incident Response Team, and contact information for all members of the team, including detailed descriptions of roles and responsibilities for each member and department
August 2019: Credit Union Cybersecurity Tip of The Month from the OGO CISO Office