MIDDELTOWN, Penn.-Mid-Atlantic Corporate FCU is working to take the pole position in assisting credit unions in fighting cybercrime, including a related focus on potential threats from virtualization.
The the second year in a row it is planning to host an event, its Information Technology (IT) and Security Confer -ence, usually reserved for IT vendors.
"It is essential for IT pro -fessionals to stay current with the latest technology trends and security threats," said Richard Carberry, security administrator for Mid-Atlantic Corporate. "Mid-Atlantic Corporate's IT and Secu -rity Conference is an opportunity for credit union professionals to receive the latest edu -cation and technology information available to make their jobs more effective and con -venient."
While cyber-crime has long been a con-cern, it was noted as a "growing threat" in a survey by PricewaterhouseCoopers that was published in May. Ranked as the second most commonly reported economic crime affecting financial-service firms, it accounts for 38% of criminal incidents compared with 16% in other industries. According to the report, half of the financial-services com -panies polled noted that the risk of cyber attacks has spiked over the past 12 months compared with 36% in other industries.
"Cyber-crime puts the financial sector's customers, brand and reputation at signifi -cant risk," Andrew Clark, forensic services partner at PricewaterhouseCoopers, said in a released statement. "Regulators are increas -ingly viewing cyber crime as a key area of focus and financial institutions are expected to have appropriate systems and controls in place."
Trying To Raise Awareness
The conference, which takes place in Harrisburg, Penn., Aug. 13-14, will address a host of common issues such as network security breaches, disaster recovery and the rising cost of IT initiatives. Why is a corporate hosting a conference on cybercrime?
"There were several driving forces, but the primary reason was to increase credit union awareness regarding the changing security threats affecting them and the advancements in technologies available, including the challenges those advancements may create," said Marketing Manager Jamie Agostino.
It was on the success of the 2011 conference that more than 800 invitations were sent to credit unions and vendors for the upcoming event. This year's gathering will build on the founding construct: to enable credit union peers and IT and security industry experts to seamlessly interface.
"It creates a great setting for brainstorming and the sharing of ideas and experiences," said Carberry. "Last year, it was a very valuable and worthwhile, experience. This year will offer even more insights."
The keynote speaker this year is James Munton, an expert on ID theft, data breaches and the author of The Con: How Scams Work, Why You're Vulnerable and How to Protect Yourself. Scott Sutherland, a special agent with the FBI for more than 24 years, is scheduled to close the event.
Sutherland will address data and technology risks related specifically to financial institutions. In between, additional IT and security speakers include Mark Bell of Digital Defense, Joette Colletts of CUNA Mutual Group, Rocky Giglio of VMware/Microsoft Practice, Jeff Multz of Dell SecureWorks, and David Shallcross of the Pennsylvania Office of the Attorney General, among others.
"James Munton was chosen for his back ground with social engineering and deception practices. Social engineering is one of the primary ways that criminals get people to provide information they should not have," said Agostino. "Scott Sutherland has extensive experience with the FBI and has worked closely on many cases involving financial and cyber-crimes. We felt this was a great opportunity for the FBI to share some of their experiences and provide credit unions with real examples of criminal behavior."
Threats From Virtualization
A specific area of focus will be on virtual-ization, virtual security and cloud comput -ing, applications that are growing exponen -tially each year in the credit union space. "Moving to the cloud might be the absolute right thing for a credit union to do, but each one needs to look at a number of factors, including the current security posture, tech -nical resources, budget constraints and limita -tions of datacenters," said Carberry.
Additionally, attend -ees will be educated on updates related to the 2011 Federal Financial Institutions Examination Council (FFIEC) Supplemental Authentication in an Internet Banking Environment, a risk-management framework first introduced in 2005.
"It is absolutely critical that credit unions be familiar with this new FFIEC supple -ment, because it provides a framework of controls that need to be in place to help protect members from the ever-increasing threat of financial malware," Carberry con -tinued. "The escalating effectiveness and so -phistication of financial malware resulting in massive financial losses over the past few years prompted the FFIEC to release this update."
Find related articles at CUJournal.com:Best Practices and Solutions to Minimize Card Fraud, CU Journal, Feb. 27Hit 'em Where It Hurts: Using Analytics To Lock Up the FraudstersRoundtable With CU Technology Execs, CU Journal, Jan. 16