In the rapidly evolving cyber threat landscape, credit unions must leverage threat intelligence to quickly react to new vulnerabilities. New threats are identified daily, and good threat intelligence allows credit unions to determine which vulnerabilities require immediate decisive action and which can be addressed during normal maintenance windows. Timely action to emerging threats can make the difference in averting a breach and protecting member data.
What is Threat Intelligence?
Gartner defines threat intelligence as:
Evidence-based knowledge, including context, mechanisms, indicators, implications, and action-oriented advice about an existing or emerging menace or hazard to assets. This intelligence can be used to inform decisions regarding the subject’s response to that menace or hazard.
In simpler terms, threat intelligence is information that allows credit unions to understand and act on threats to their information systems and member data. Now that we know why we need threat intelligence, where can we find it?
Common Threat Intelligence Sources for the Credit Union Industry
There is a plethora of respectable threat intelligence that credit unions can subscribe to. Some of the most commonly used by credit unions today are:
- FS-ISAC – Financial Services Information Sharing and Analysis Center. This is a paid subscription service that provides financial industry threat intelligence and information sharing among members. This included vulnerabilities, attacks, fraud, and best practices information.
- US-CERT – Provided by the Cybersecurity & Infrastructure Security Agency (CISA). US-CERT provides alerts, tips, and best practices across multiple industries. CISA guides US Government agencies on cybersecurity and is an excellent source of threat intelligence for credit unions.
- Managed Security/SIEM Providers – Managed security providers will often provide updates regarding critical vulnerabilities that may impact your credit union and require immediate attention.
- Key Technology Providers – Technology providers such as Microsoft, Cisco, VMware, core and online banking providers, etc. provide information on threats and vulnerabilities specific to their products.
Effectively Using Threat Intelligence
With so many threat intelligence sources available to your credit union, it is easy to get overloaded with too much information when subscribing. Here are three tactics to ensure your credit union has actionable information.
- Subscribe to threat intelligence sources that apply to the systems you have in your credit union. This may seem like an easy one, but you would be surprised how easy it is to subscribe to excess data. While sometimes more is better, too many sources can lead to information overload and create noise.
- Ensure alerts are sent to appropriate parties when signing up for threat information. IT and security staff should receive detailed information on threats to systems. The management and executive teams should receive summary information on critical and industry-wide threats.
- Understand the threat ranking in relation to your environment. Not all threats have the same risk to all environments. To ensure you are not burning out your IT and security staff, ensure that you review the risk of the vulnerabilities to your environment when deciding what actions to take and how quickly to take them.
We cannot underscore enough the importance of threat intelligence for credit unions. The appropriate action to threats can be the difference between a major data breach and no incident. Your credit union must be well informed and ready to react to impending vulnerabilities and threats.
*Blog written by Ongoing Operations, a Dataprise partner.
Interested to see how your credit union stacks up when it comes to cybersecurity? Sign-up for our cybersecurity posture check today.