Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CUNA: CUs Already Have Strong Data Security Standards
WASHINGTON (4/10/13)--Credit unions are already subject to robust data security requirements and standards, and should not be subject to additional regulations, Credit Union National Association Assistant General Counsel Dennis Tsang wrote in a comment letter filed with the National Institute of Standards and Technology (NIST).

The CUNA letter follows an NIST request for information on developing a framework to improve cybersecurity for critical infrastructure.

While a limited number of credit unions and other financial institutions have been the subject of cyberattacks and data breaches, "these problems do not mean that more regulation in this area is required for financial institutions," Tsang noted. "On the contrary, financial institution systems have been tested like few others, and are probably ahead of some other sectors in the evolution and adoption of defensive measures," he wrote.

NIST should instead "focus on maximizing the ability of the federal government to address communications and other gaps that undermine the ability of sectors such as financial institutions to protect themselves" and fully assess whether new or revised security standards are needed for non-financial entities. Increased coordination between national enforcement and intelligence-gathering agencies could help to more quickly identify potential threats, the CUNA letter added.

Tsang in the letter suggested that NIST coordinate any critical Infrastructure cybersecurity initiatives it undertakes with both public and private stakeholders going forward, and also protect business confidentiality, individual privacy and civil liberties.

"By working with the Department of Homeland Security and national intelligence agencies, sector-specific agencies, including the U.S. Treasury, [National Credit Union Administration] and other regulators; the Financial Services Sector Coordinating Council (FSSCC) and other sector-coordinating councils, and CUNA and other trade associations, NIST will be better able to identify, refine, and guide the many interrelated cybersecurity considerations from all key sectors," he wrote.

CUNA is a member of the FSSCC, which is comprised of more than 50 financial services entities and associations and works closely with the Financial and Banking Information Infrastructure Committee. That group coordinates the government's critical infrastructure efforts. The NCUA and U.S. Treasury are members of the group.

For the full CUNA comment letter, use the resource link.
Other Resources

CUNA Comment Letters

News Now LiveWire
Matz: Revised @TheNCUA #RBC rule for #creditunions 2 B unveiled 1/15/15, 90-day comment period to follow #newsnow
1 hours ago
Just announced: @TheNCUA board will consider a revised risk-based capital rule at its Jan 15 mtg. See #NewsNow Monday for more info.
2 hours ago
Nearing one-yr anniversary of data breach, @Target asks for class action suits to be dismissed via @BloombergNews
4 hours ago
.@PeoplesTrustFCU has been recognized with the Juntos Avanzamos designation by @Cornerstone_CUL for its service to the Hispanic community
4 hours ago
#NewsNow: Rep. Hensarling names #HFSC subcommittee chairs.
5 hours ago