{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Credit Union Regulatory Guidance Including: NCUA, CFPB, FDIC, OCC, FFIEC","title":"Board of Director Engagement in Cybersecurity Oversight: NCUA Letter to Credit  Unions","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/0616c15e\"></iframe>","width":"100%","height":180,"duration":747,"description":"Hello, this is Samantha Shares. This episode covers the National Credit Union Administration’s Letter to credit unions 24 dash C U 2 Board of Director Engagement in Cybersecurity Oversight The following is an audio version of that letter.    This podcast is educational and is not legal advice.  We are sponsored by Credit Union Exam Solutions Incorporated, whose team has over two hundred and Forty years of National Credit Union  Administration experience.  We assist our clients with N C U A so they save time and money.  If you are worried about a recent, upcoming or in process N C U A examination, reach out to learn how they can assist at Mark Treichel DOT COM.  Also check out our other podcast called With Flying Colors where we provide tips on how to achieve success with N C U A. And now the letter.Board of Director Engagement in Cybersecurity OversightToFederally Insured Credit UnionsSubjectCybersecurityDear Boards of Directors and Chief Executive Officers:The frequency, speed, and sophistication of cyberattacks have increased at an exponential rate. Foreign adversaries and cyber-fraudsters continue to target all sectors of our nation’s critical infrastructure — including credit unions and other financial institutions. From September 1, 2023, the effective date of the N C U A’s cyber incident notification rule, through August 31, 2024, federally insured credit unions reported 1,072 cyber incidents. Seven out of ten of these cyber incident reports were related to the use or involvement of a third-party vendor.A recent ransomware attack on a credit union has been attributed to  malvertising a relatively new cyberattack technique that injects malicious code within digital ads. For this type of attack to work, the user doesn’t even have to physically click on a link for the system to become infected. Instead, a simple internet search can result in malvertising that exploits the vulnerabilities in an internet browser. Credit union cybersecurity teams should focus on...","thumbnail_url":"https://img.transistorcdn.com/DblKo84_Ha6-XOQnfj5k1wmxCkQHeB53BeeKc2eI7dM/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9zaG93/LzQ4MTk5LzE3MDM4/NTQxOTktYXJ0d29y/ay5qcGc.webp","thumbnail_width":300,"thumbnail_height":300}