Only Three Things are Certain in Life: Death, Taxes, and…Data Breaches
If Benjamin Franklin were alive today, I believe this would be his new take on his famous quote. He would recognize the inevitable fact that data breach events, like death and taxes, cannot be stopped. They certainly can be deterred and delayed, but based on the avalanche of data breach events in the past eighteen months, as well as the industry forecast for more to come, Franklin would warn, “be prepared.”
We hear about the growing laundry list of companies that are focused on finding the magic pill that will give businesses and financial institutions, as well as individuals, a sense of peace and security. These companies all pinpoint individual elements of data breach exposure and create products or services sold as “preventative” solutions. But are they truly preventive? Whether it is credit monitoring services, software encryption programs, EMV chip cards, document destruction, protective data storage offerings, etc., they’re all one dimensional solutions, fighting a multi-multi-multi-dimensional problem.
So many former and current FBI leaders, and other criminal investigation experts, have warned about the pure fact that it is not a matter of if you will experience a data breach, but rather when it will happen. Security firms and experts on data breach, ID Theft, and cyber security all understand that the root of the problem is actually inherent in the world’s rapid technological advancements, and the public desire for increasingly more data mobility & accessibility. These factors, coupled with the human element, are the real reasons that data breach and ID theft events are not stoppable.
The human element is responsible for almost 70% of all data breaches, even though cyber theft events get the lion’s share of headlines in major news reports. The human element consists of much more than international organized crime or the local bad guys trying to hack into your business. It is the disgruntled employee, the negligent vendor, the absent-minded manager, or simply the misplaced laptop or thumb drive of personal data…..and the list could go on.
So, when faced with the inevitable truth about data breach and ID theft events, what is the best way for your credit union to be prepared for when it does happen?
Without neglecting your efforts to “deter” these events through proper policies, awareness programs, and compliance, it is imperative to have a strong and sound plan for mitigation and restoration/recovery. Incorporate strategies and solutions to help maximize your credit union’s preparedness for, and ability to, support members in their time of need, and for your institution in its time of the unthinkable. The good news for credit unions and their members is there are resources to help accomplish all of this, while also providing a valuable opportunity to generate non-interest income. Something perhaps even Franklin would applaud and consider “a penny saved”….a lot of pennies!