The National Credit Union Administration (NCUA) released a report to Congress this week that outlines steps taken to strengthen cybersecurity within the federally insured credit union system and the NCUA.
The NCUA’s annual Cybersecurity & Credit Union Resilience Report, which was submitted to the House Financial Services Committee and the Senate Banking Committee, contains information on the policies and procedures to address cybersecurity risks as well as activities to ensure effective implementation. Further, it discusses current or emerging threats.
“The actions outlined in this comprehensive report demonstrate the NCUA’s commitment to promoting a secure and resilient environment for credit unions and their members,” NCUA Chairman Todd Harper said. “Recent agency efforts to address cybersecurity risks, including implementation of the scalable Information Security Examination procedures at credit unions, training and support programs, and the cyber incident notification rule, are described in the report. Additionally, the report to Congress details the significant risks and challenges facing the credit union system and the financial system because of the NCUA’s lack of authority over third-party vendors. I continue to call on Congress to close this growing regulatory blind spot.”
The report is required by the Consolidated Appropriations Act of 2021.
For the remainder of 2023, the NCUA will continue to promote cybersecurity best practices in credit unions. Further, reviews of credit union information systems and assurance programs will remain a supervisory priority for the agency. In addition, the NCUA will continue to provide guidance and resources to assist credit unions with strengthening their cyber defenses.
The agency is funding cybersecurity grants as part of its 2023 grant initiative, which closes on June 30.