Why Credit Unions Should Start Selling Cyber Security
Cyber threats are constantly making headlines, and earlier this month FLEX was featured on CUInsight with the article Why Credit Unions Should Start Selling Cyber Security. Credit unions can and should make cybersecurity a competitive advantage.
Apple has made headlines recently for not providing assistance in unlocking suspect’s iPhones in a number of criminal cases, stating that respect for their customer’s data and privacy is of the highest importance. The iPhone is a communication device, not a security product, yet the Apple culture and focus on defense has made the iPhone’s security a competitive advantage that is attractive to consumers.
When it comes to security, the security of family and friends is of course number one on everyone’s mind, however, money and savings are not far behind. When choosing a banking institution, potential members typically look to credit unions for better savings rates, loan terms, and superior customer service. With this in mind, the Consumer Banking Experience Index survey has consistently found that consumers rank the safety and security of their personal information as their highest priority in the banking experience.
With a constant barrage of bad news about data breaches, hackers, and identity theft, members want the new technologies that credit union’s offer (such as mobile banking) while expecting their data to be secure. In the recent Consumers and Mobile Financial Services report released by the Federal Reserve, 42 percent of mobile banking users believe that their personal information is “very unsafe” or “somewhat unsafe.” It’s time for credit unions to position their institution as being the most secure option when it comes to banking choices. For each credit union, this begins by first looking within and then ensuring their operations are placing a strong focus on cybersecurity.
In a recent article, “Cybersecurity: Where is your Weakness?” it was discussed how security attackers only need one weakness to exploit a credit union’s network. Whether it’s not enforcing complex passwords, failing to conduct end user security training so that employees don’t fall for phishing emails, or not having timely security patches applied to servers and workstations – ensuring that these weaknesses in cybersecurity are addressed is crucial.
Once you have the processes and applications in place to safeguard your credit union as a stronghold against cyber-attacks, sell this higher level of security to your members. Make it a part of your culture that members can see. Use email encryption for member communication. Ensure employees know to never send sensitive information over email, better yet, use secure messaging through your desktop and mobile banking provider. Train employees on all aspects of security so that the terminology becomes part of their vernacular and members see and hear security in action. Recognize, like Apple does, that while you are not directly selling a security product, your dedication to ensuring a secure environment and protecting member data is a top priority.
The 2016 Hewlett Packard Enterprise State of Security Operations report backs this trend. Among companies that ranked high in HP’s assessments are organizations that don’t specifically sell security-based products, rather, they demonstrate with their own culture a higher respect for the security of their customer’s information. The report specifically notes that within these top companies, “Security operations capabilities are being used as a selling point for organizations. It showcases their commitment to security and ability to monitor for threats.”
The key to having confidence when it comes to cybersecurity is to create a culture of security and ensure your credit union is partnering with vendors that make your security their priority. With the right policies, procedures and vendors in place you can have confidence is selling security as a feature to your members.