Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CUNA: CUs Already Have Strong Data Security Standards
WASHINGTON (4/10/13)--Credit unions are already subject to robust data security requirements and standards, and should not be subject to additional regulations, Credit Union National Association Assistant General Counsel Dennis Tsang wrote in a comment letter filed with the National Institute of Standards and Technology (NIST).

The CUNA letter follows an NIST request for information on developing a framework to improve cybersecurity for critical infrastructure.

While a limited number of credit unions and other financial institutions have been the subject of cyberattacks and data breaches, "these problems do not mean that more regulation in this area is required for financial institutions," Tsang noted. "On the contrary, financial institution systems have been tested like few others, and are probably ahead of some other sectors in the evolution and adoption of defensive measures," he wrote.

NIST should instead "focus on maximizing the ability of the federal government to address communications and other gaps that undermine the ability of sectors such as financial institutions to protect themselves" and fully assess whether new or revised security standards are needed for non-financial entities. Increased coordination between national enforcement and intelligence-gathering agencies could help to more quickly identify potential threats, the CUNA letter added.

Tsang in the letter suggested that NIST coordinate any critical Infrastructure cybersecurity initiatives it undertakes with both public and private stakeholders going forward, and also protect business confidentiality, individual privacy and civil liberties.

"By working with the Department of Homeland Security and national intelligence agencies, sector-specific agencies, including the U.S. Treasury, [National Credit Union Administration] and other regulators; the Financial Services Sector Coordinating Council (FSSCC) and other sector-coordinating councils, and CUNA and other trade associations, NIST will be better able to identify, refine, and guide the many interrelated cybersecurity considerations from all key sectors," he wrote.

CUNA is a member of the FSSCC, which is comprised of more than 50 financial services entities and associations and works closely with the Financial and Banking Information Infrastructure Committee. That group coordinates the government's critical infrastructure efforts. The NCUA and U.S. Treasury are members of the group.

For the full CUNA comment letter, use the resource link.
Other Resources

CUNA Comment Letters
RSS print
News Now LiveWire
.@TheNCUA board unanimously voted today to designate board member Rick Metsger as vice chairman, effective immediately.
33 minutes ago
We really want to hear from our readers. Please take the News Now survey:
1 hours ago
Advanced technologies don't quell cybersecurity fears #NewsNow
2 hours ago
.@CentralMaineCom reports #creditunions have issued thousands of new cards to proactively protect members from Home Depot data breach.
3 hours ago
.@siskiyoucu does 'littlest things' for members as it waits for toll from devastating fire in Weed, Calif
4 hours ago