Effective September 1, 2023, the NCUA will require all federally insured credit unions to notify the NCUA as soon as possible, within 72 hours after a reportable cyber incident has occurred.
“Each of us in the financial system has an obligation to protect our nation’s economic and financial infrastructure. And, credit unions must be included in conversations about critical infrastructure, as a whole. This final rule will facilitate such dialogue,” Chairman Todd M. Harper said. “Through these high-level early warning notifications, the NCUA will be able to work with other agencies and the private sector to respond to cyber threats before they become systemic and threaten the broader financial services sector. This final rule will also align the NCUA’s reporting requirements with those of the federal banking agencies and the Cyber Incident Reporting for Critical Infrastructure Act.”
Under the new federal rule, credit unions are required to report cyber incidents that lead to substantial loss of confidentiality, integrity, availability of member information or any incident that has a serious impact on the operational system.
All cyberattacks that disrupt business operations or vital member services must be reported within 72 hours.
To learn more about this ruling click here.
Your Strategic IT Partner Provides Exceptional Security Services and Support
Credit Unions more than ever need a security-focused managed IT service provider to help relieve the burden of maintaining, monitoring, and securing their internal IT networks.
Dynamic Quest has strategically partnered with credit union leagues throughout the southeast to ensure our services are uniquely tailored to the requirements and regulations that credit unions must comply with.
Cyber threats come from every direction. Implementing multiple security solutions provides the necessary support to keep you and your members’ priceless data secure. Businesses that engage with Dynamic Quest for managed IT services will find peace knowing our security solutions are actively protecting their endpoints.
The internal team was energized. With the Level 1 work off its plate, the team turned its attention to the work that fueled company growth and gave them job satisfaction.
The three sectors with the biggest spending on cybersecurity are banking, manufacturing, and the central/federal government, accounting for 30% of overall spending (IDC).
Forty-three percent of attacks are aimed at SMBs, but only 14% are prepared to defend themselves (Accenture).
40% of businesses will incorporate the anywhere operations model to accommodate the physical and digital experiences of both customers and employees (Techvera).
The average cost of a data breach in the United States is $8.64 million, which is the highest in the world, while the most expensive sector for data breach costs is the healthcare industry, with an average of $7.13 million (IBM).
More than 33 billion records will be stolen by cybercriminals by 2023, an increase of 175% from 2018.
The cost of cybercrime is predicted to hit $10.5 trillion by 2025, according to the latest version of the Cisco/Cybersecurity Ventures “2022 Cybersecurity Almanac.”.
It takes an average of 287 days for security teams to identify and contain a data breach, according to the “Cost of a Data Breach 2021” report released by IBM and Ponemon Institute.
We did a proof of concept that met every requirement that our customer might have. In fact, we saw a substantial improvement.
We did everything that we needed to do, financially speaking. We got our invoices out to customers, we deposited checks, all the things we needed to do to keep our business running, and our customers had no idea about the tragedy. It didn’t impact them at all.
“We believe our success is due to the strength of our team, the breadth of our services, our flexibility in responding to clients, and our focus on strategic support.”