They just don’t talk well together.

That’s the surprising conclusion in a report entitled “Surprising Disconnect Over Compliance and Secure Web Use at Financial Firms,” research sponsored by IT security company Authentic8. (Download the report here.)

Inside many banks and credit unions IT, compliance, and legal just don’t talk the same language and often do not see the same problems, according to this report.

Read the related CUInsight article about the report here. 

Today’s guest, Scott Petry, CEO of Authentic8 who will tell is about this internal Tower of Babel.

Here’s why it matters: “this disconnect creates the potential for sizable gaps in compliance and data protection approaches in these organizations.”

Credit unions may have even tougher going because in many cases some of these tasks are outsourced and often the vendors simply do not talk together. Ever.

Often, said the report, compliance focuses on reducing risks, legal relies on security policies, and IT is more attuned to attack vectors and keeping users content.

And those three orientations may collide.

The report explores how to get the three competing tribes on the same page, thus improving the institution’s digital security.

The report also looks at how to maximize web use while maintaining optimal security.  Increasingly a tool of choice is remote browser isolation and Petry tells why this solution is gaining favor inside many financial institutions.

The conversation starts off with an attention grabber: why the ordinary URL is IT’s nightmare. And know that Authentic8’s Silo web browser has built in protections that anticipate – and solve for – user errors, pages they should not have clicked on, and still worse. It’s protection for the Age of the Web and it consumes the first half of the podcast.

From there, we turn back to the question of the three tribes – and how to get them cooperating for the security of the organization.

Be prepared to hear realities you haven’t thought about – and the result may be heightened internal security.

Read the report. It’s short, it’s free, but it’s provocative: Get it here.

Listen Here

Want to listen to more of the Credit Union 2.0 podcast series? Click here to view the series.

Shane Butcher is a security guru at CUSO Ongoing Operations and lately has been busy helping numerous credit unions safely transition their employees to working from home.

The good news: credit unions that approach this methodically, carefully will probably be able to mitigate risks.

The bad news: credit unions that rush into this, haphazardly, with inadequate employee training may not.

One key: stress to employees working from home that they need to practice the very same security awareness as they do in the office. No shortcuts.

Butcher also warned that very probably cyber criminals are preparing to attempt to feast on remote credit union workers.  The risks are real.

Note, too, that Butcher’s OGO experience entails working with credit unions with assets under $100 million to ones with substantially over $1 billion. It’s a diverse customer mix but that gives him perspective on what is realistic, what is needed, what can happen.

“A lot of our customers are asking for help getting their remote workers online.”

His three word cure for a lot of today’s credit union security worries: training, training, training.

Butcher has significant concerns about BYOD access to the institution’s network – listen up find out why. But it starts with this: “we don’t know what’s on home devices” and that can range from malware to spyware to worse.

Hear the companion podcast on credit union remote workers with Kevin Langford of Georgetown Kraft Credit Union in South Carolina here.

Listen Here

Want to listen to more of the Credit Union 2.0 podcast series? Click here to view the series.

Suddenly credit unions across the nation are ordering employees home, as part of the response to the coronavirus pandemic.  And that is triggering a tidal wave of worries about the possible cyber insecurities that will result as newly empowered employees log into the credit union networks.

Hitherto, at many credit unions, the workers who had home access to the network were mainly senior, experienced, and both well trained and well equipped.

Today’s newly drafted home workers often lack the right equipment and their training may have been brisk.

Global cyber criminals are said to be eyeing these workers the way a hungry lioness eyes a slow wildebeest in the Serengeti.

That’s why you want to hear from Kevin Langford, chief information officer at $140 million Georgetown Kraft Credit Union in South Carolina.

Langford has trained many workers in the secrets of safe cyber work at home and here he tells what every credit union needs to be doing.

This topic is so big that next week we will post another podcast on the same theme with Shane Butcher, senior solutions and security architect at CUSO Ongoing Operations.

You need to listen to both.  The risks are extraordinary today and here are solid suggestions for navigating turbulence securely.

The UPS scam info is here.

The dropped USB drive info is here.

Listen Here

Want to listen to more of the Credit Union 2.0 podcast series? Click here to view the series.

Toke up – the CU2.0 Podcast is back with another look at cannabis and credit unions, a topic we last looked at a year ago in a two part podcast. Part 1 here, Part 2 here.

Welcome to Part 3, 2020 edition of Up in Smoke, credit union style. Today’s guest is Paul Stull CEO of the Credit Union Association of New Mexico.

What this is about is the business of banking cannabis companies, said Stull. And he fervently believes that cannabis – so far an untouchable for the big national banks – is a prime opportunity for credit unions to build dynamic and profitable business account relationships that involve both deposits and lending.

And this is business that right now the national banks won’t take on.

About two in every three states presently has legal marijuana in some form (medical, recreational or both).

Said Stull: “Most credit unions are involved in banking marijuana money whether they know it or not.”

His argument: do this openly, consciously, charge accordingly and it’s a win win, for the credit union, also for the marijuana business.

In the podcast, Stull offers a deep dive into why cannabis banking also benefits local communities – meaning this is a solid credit union business direction.

The opportunities with cannabis for credit unions right now looks immense.

Stay tuned because in a few weeks another cannabis themed podcast will drop.

Listen Here

Want to listen to more of the Credit Union 2.0 podcast series? Click here to view the series.

Want to grow your member base? Want to target particular kinds of members?

Content is your friend, says Shondell Varcianna, a financial services veteran who nowadays focuses on providing select financial institutions with finely targeted digital content – blog posts – for distribution via the credit union website, also social media.

Her driving point: content works when it is written to meet the specific needs of a targeted group. It can’t be all things to all people.

She especially recommends financial education content. Millennials, for instance, want info on home buying. Give it to them and you just may get the mortgage.

The key: have a strategy about what groups you want and what you want to sell them. The content will follow.

This is an informative podcast about a topic that usually is treated superficially. This is a deeper dive and it’s worth it because this is how to supercharge member growth.

Listen Here

Want to listen to more of the Credit Union 2.0 podcast series? Click here to view the series.