Tuesday, February 25, 2014
Matz Warns CUs about Cyber and Interest Rate Risks
In a speech before the Credit Union National Association, Debbie Matz, the National Credit Union Administration (NCUA) Chairman, stressed that credit unions needed to be prepared for volatile and rising interest rates and also cyber-attacks.
With regard to interest rate risk, Chairman Matz warned that chasing near-term profits by concentrating your portfolio in long-term investments, while long-term rates are rising and short-term rates remain low, may be appealing; but it is ultimately a trap. When short-term rates begin to rise, this strategy will leave your credit union vulnerable.
But the majority of her speech focused on cyber-security issues.
Chairman Matz cited an example where hackers "broke into a medium-size credit union and used the credit union’s passwords to access one of the larger credit bureaus. From there, the hackers stole credit reports on hundreds of people who weren’t even credit union members."
She asked the audience to imagine a scenario where the hackers were not motivated by money, but by terrorism. Imagine the damage the cyber-terrorist could do, if they infilitrated the payment system.
Chairman Matz told the audience that NCUA "examiners will be looking to see how credit unions are implementing appropriate risk mitigation controls to better protect, detect, and recover from cyber-attacks. This includes vendor due diligence, strong password policies, proper patch management, employee training, and network monitoring."
She encouraged the audience to review recently developed voluntary national cyber-security framework by the National Institute of Standards and Technology.
Read the speech.
With regard to interest rate risk, Chairman Matz warned that chasing near-term profits by concentrating your portfolio in long-term investments, while long-term rates are rising and short-term rates remain low, may be appealing; but it is ultimately a trap. When short-term rates begin to rise, this strategy will leave your credit union vulnerable.
But the majority of her speech focused on cyber-security issues.
Chairman Matz cited an example where hackers "broke into a medium-size credit union and used the credit union’s passwords to access one of the larger credit bureaus. From there, the hackers stole credit reports on hundreds of people who weren’t even credit union members."
She asked the audience to imagine a scenario where the hackers were not motivated by money, but by terrorism. Imagine the damage the cyber-terrorist could do, if they infilitrated the payment system.
Chairman Matz told the audience that NCUA "examiners will be looking to see how credit unions are implementing appropriate risk mitigation controls to better protect, detect, and recover from cyber-attacks. This includes vendor due diligence, strong password policies, proper patch management, employee training, and network monitoring."
She encouraged the audience to review recently developed voluntary national cyber-security framework by the National Institute of Standards and Technology.
Read the speech.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment