Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CUNA: CUs Already Have Strong Data Security Standards
WASHINGTON (4/10/13)--Credit unions are already subject to robust data security requirements and standards, and should not be subject to additional regulations, Credit Union National Association Assistant General Counsel Dennis Tsang wrote in a comment letter filed with the National Institute of Standards and Technology (NIST).

The CUNA letter follows an NIST request for information on developing a framework to improve cybersecurity for critical infrastructure.

While a limited number of credit unions and other financial institutions have been the subject of cyberattacks and data breaches, "these problems do not mean that more regulation in this area is required for financial institutions," Tsang noted. "On the contrary, financial institution systems have been tested like few others, and are probably ahead of some other sectors in the evolution and adoption of defensive measures," he wrote.

NIST should instead "focus on maximizing the ability of the federal government to address communications and other gaps that undermine the ability of sectors such as financial institutions to protect themselves" and fully assess whether new or revised security standards are needed for non-financial entities. Increased coordination between national enforcement and intelligence-gathering agencies could help to more quickly identify potential threats, the CUNA letter added.

Tsang in the letter suggested that NIST coordinate any critical Infrastructure cybersecurity initiatives it undertakes with both public and private stakeholders going forward, and also protect business confidentiality, individual privacy and civil liberties.

"By working with the Department of Homeland Security and national intelligence agencies, sector-specific agencies, including the U.S. Treasury, [National Credit Union Administration] and other regulators; the Financial Services Sector Coordinating Council (FSSCC) and other sector-coordinating councils, and CUNA and other trade associations, NIST will be better able to identify, refine, and guide the many interrelated cybersecurity considerations from all key sectors," he wrote.

CUNA is a member of the FSSCC, which is comprised of more than 50 financial services entities and associations and works closely with the Financial and Banking Information Infrastructure Committee. That group coordinates the government's critical infrastructure efforts. The NCUA and U.S. Treasury are members of the group.

For the full CUNA comment letter, use the resource link.
Other Resources

CUNA Comment Letters

News Now LiveWire
.@LACULeague in @DailyComet: #creditunions' "old" benefits attractive to new generation
3 hours ago
At @FTC request, court halts operations of an alleged debt-relief scammer calling itself “FTC Credit Solutions.”
8 hours ago
.@daytondailynews : The secret is out about #creditunions @DayAirCU @CODECreditUnion
8 hours ago
.@CUNA's @Nussle on @SenatorReid :(2of2)On behalf of more than 102M #CU members,I thank him 4 his leadership over the yrs/wish him the best.
10 hours ago
.@CUNA CEO Nussle on Sen. Reid’s decision not 2 seek re-election (1of2): Sen. Reid has a long history of #CU support throughout his career.
10 hours ago