4 Ways the Great Resignation Impacts Cybersecurity Concerns

Written by

 

There had been a lot of talk about the impact of the Great Resignation, and much of it centers around hiring practices, salary negotiations, and employee retention and turnover. But there are residual effects stemming from these mass resignations, and some of the most important effects involve your cybersecurity operations.

Let’s talk about some of the biggest ways the Great Resignation is impacting cybersecurity concerns, and what your organization should be doing about it.

High Employee Turnover = Higher Data Loss

Data loss is always a concern after a resignation. Some of it is intentional – employees take data out of spite or even to use at their next job. But there are also many instances where data is lost simply because the former employee didn’t store the data properly – they stored it on their work computer rather than in the shared files or department-specific locations, or maybe they were using a personal device to have work conversations or store other important data.

This data can be used to sabotage a previous employer or to gain an advantage over a new employer. Workplace culture is changing, and because younger generations are tech-savvy by the time they hit middle school, your data can be shared, copied, or destroyed very easily by a disgruntled employee, or even just by a former worker who was unaware their personal computer has the only copy of certain files. Safeguarding your data and teaching your staff to use and store it in the proper place and through proper channels can help mitigate this risk.

Because of these increased data cybersecurity concerns, your credit union should be using the best data access practices. The primary component of these practices should be reviewing the access your current and former employees have or had and making sure they only have necessary access moving forward.

When you do this, think about how each employee’s role and responsibilities have changed during their time at your credit union. Maybe they needed a higher level of access to member account details when they were in more of a customer service role, but now that they are running your marketing campaigns, that access is no longer necessary.

The Cybersecurity Industry Isn’t Immune to the Great Resignation

Another reason the Great Resignation is creating cybersecurity concerns is that the cybersecurity industry is also affected by these mass exoduses. Many cybersecurity professionals have also left their positions in the last few years.

Being short-staffed in the IT department also puts your credit union at risk of attack. Things can fall through the cracks; your former employees could negatively impact your system (either intentionally or unintentionally).

Because the stress of the pandemic affected certain professional roles and industries, like cybersecurity, at a higher rate, many employees are leaving the field. And when hundreds or even thousands of IT professionals leave the industry, it increases the threat to businesses from outside sources that are also aware of the shortages.

This decrease in cybersecurity team numbers also means your response to threats will likely be slower and less effective. No operations run as smoothly or efficiently when you are missing team members. That’s why it’s important to start thinking about how you want to invest your credit union’s IT budget – IMS has a host of services that can fill in the gaps left by employees resigning.

Remote Work Increases Risks

Remote work is more common than ever before, and that means more cybersecurity risk for your credit union.

While it may be nice not to have the responsibility of purchasing and maintaining a remote worker’s devices, that also means you can’t control where or how your data is stored and used, especially once that employee has resigned.

Remote workers are also working from a variety of different servers and networks – home, local coffee shops or libraries, etc. And this means your data and systems are being exposed to more varied risks. You also can’t control the security parameters on these employees’ home networks in the same way that you can monitor and improve your in-house network and servers.

Gaps between Employees and Tech

More and more organizations are increasing their IT and cybersecurity budgets, and this has been exacerbated by the COVID pandemic and the Great Resignation. Now is the time to create the structure and strategy that we didn’t have time for during the first days of the pandemic.

When your credit union evaluates its cybersecurity spending, it’s important to ensure that your technology purchases are compatible with your workforce.

You can implement the newest and best technology in the world, but if you don’t do so with a strategy and a timeline in place to help you and your employees work through the transitions successfully, you are wasting valuable resources.

Process management should be a priority when implementing new technology, especially amid mounting cybersecurity concerns. Your staff needs to know how and when to use these new tools, so they aren’t creating new gaps in your digital defenses.

Offload Some Data Security Expenses by Partnering with IMS and Its IaaS Solutions

Maintaining high-level success in your credit union’s business operations during a time of high turnover and increasing employee recruiting and retention expenses mean you will need to decrease your costs elsewhere.

That’s where IMS comes in. With our Infrastructure-as-a-Service package, you can pay as you go and create a customized service that includes:

  • Maintained access to your applications during disasters and outages
  • Decrease expenses by only paying for what you need
  • Free up your team to focus on expansion, or employee recruitment and retention
  • Leave the troubleshooting and software upgrading to IMS and increase your credit union’s stability, reliability, and supportability
  • Improved peace of mind – IMS has you covered, through any cybersecurity issues and all your employee changes

How to Hire Credit Union Employees in 2021

Written by

 

2021 is the year of the employee. In the current job market, hiring and retaining entry-level – and even management and other professional-level – employees is a struggle. This has become a trend for a few reasons. So how do you hire credit union employees in 2021? We have collected some resources and tips for you.

First, the COVID-19 pandemic saw a lot of US government aid being passed out to workers who had been laid-off or found themselves unemployed as a result of shutdowns and government shelter-in-place mandates. And secondly, the pandemic also shed light on many Americans’ priorities, causing them to leave certain jobs to focus more on searching for more fulfilling or career-driven opportunities. 

Guerrilla Strategies for Finding Talent

Right now, 42% of business owners surveyed by the National Federation of Independent Business said they have job openings they could not fill. CUManagement recently published an article that outlines five guerilla tactics for finding employees in a tough market.

  1. Become a sales team. CUManagement says, “Your human resources department needs to start functioning as a sales team.” Create a prospect list – you can even include former employees who you’d like to have come back into the fold. Recruiting should always be a priority, even when you are fully staffed. Things are changing much more rapidly for employers these days, and you want to be ahead of the curve when it comes to hiring.
  2. Engage your team. Some of your best recruiting opportunities are just one degree of separation away. Your employees are the best resources for finding reliable talent in the area. You can encourage, or even incentivize them, to help find new hires. And don’t forget to listen to them: they have the first-hand experience of your hiring process, and they likely have some great insights into the areas you can improve to attract more or better prospects.
  3. Spotlight your culture. Job applicants are looking for a place where they enjoy working. The more you showcase that in your advertising channels – social media, websites, job descriptions, etc. – the more prospects will want to engage with your credit union.
  4. Get outside the box. Your list of requirements for any given position should not be a hard and fast standard by which you judge every applicant. If an applicant has little in the way of credit union experience but may have other supplementary experiences that could speak to their ability to learn how to successfully do the job you need, it’s good to consider them for at least an interview.
  5. Clarify your purpose. Your credit union’s purpose can be the tipping point for applicants. Just like your culture, your business’s purpose should be evaluated to reflect your commitments to specific non-profits and the community you serve. This philanthropic focus can show your prospect pool that your business is serious about its mission.

Address Current Concerns

CareerPlug’s article on changing the way you hire in 2021 deals with some harsh truths.

The first thing you have to compete with is the historically low wages that certain industries have been paying people in the past, which won’t work for many job seekers – because they hold most of the power in this labor market.

If you are firm in the wages you want to pay for your open positions, you could consider adjusting other compensation packages or benefits. For example, schools and childcare disruptions have caused many women to pivot from looking for work to being stay-at-home moms for the time being. Having options available or expanding childcare services to your staff could gain your credit union a lot of traction and engagement with women who have young children.

Another hot topic is remote work – many employees found out in the last year that the jobs they’ve been told must be done in the office are actually able to be done remotely. This flexibility has quickly become a standard discussion point in new hire negotiations.

And don’t forget – the global pandemic is still very serious and scary for many people. Concerns of cleanliness and updated sick time policies are worth mentioning in your open position descriptions.

Help Employees Manage from Anywhere with Virtual Desktops

Virtual desktops and apps enable your credit union to deliver virtual workspaces to end-users – including full Windows client desktops, shared desktops, and hosted apps – as a monthly subscription service.

Contact IMS for more information.

Why Credit Union Employees and Officers are Scam Targets

Written by

 

Business Email Compromise Scams (BEC) are hitting financial institutions hard, and the threat only seems to be increasing. CEOs, CFOs, and financial employees are at a high risk of being targeted in BEC schemes, regardless of company size.  Whether a small, community credit union or a multi-million dollar financial institution, these targeted schemes are impacting the bottom line for businesses across the globe – and here is what they all have in common: the targeted business must work with foreign suppliers and/or utilize wire transfer payments regularly.

What is a BEC Scam?

Also known as CEO fraud, and more generically phishing, a BEC scam isn’t carried out until the attacker(s) have done their research, ensuring a more favorable outcome. The criminals first choose a business to target and will then do online research via social media channels to locate the exact, accurate names of the CEO and CFO, finally targeting an employee — usually one that works in the finance department, company attorney, long-time company vendor, or client — to carry out the attack against.

Once a target has been selected, the criminals then send fraudulent email correspondence usually impersonating the CEO or CFO of the target company, attempting to fool the victim into initiating a wire transfer.

If successful, the BEC attack will result in gaining access to the target’s business systems and records, including employee credentials, and the possibility of an enormous financial loss for the target company.

How Can these Scams be Effective?

While it may seem like common sense may be all that’s required to avoid BEC and phishing scams, the criminals are quite savvy in determining what to say or do, in order to obtain the desired action from the target. These criminals are educated, intelligent, and have spent countless hours planning these attacks. According to the experts at FraudWatchInternational.com, there are several ways in which the criminals will create a feeling of legitimacy in these efforts, including:

  • Spoofing of legitimate email addresses;
  • Writing in an urgent tone, asking the victim for the funds to be transferred immediately;
  • Writing that “they” (the CEO or CFO) are in a meeting and cannot be disturbed with emails, texts or phone calls;
  • Giving the idea that that the sender of the email is using a mobile device to create and send the email, by including the signature “Sent from my iPad”, instead of the standard corporate email signature. This is one of the most effective methods, as the normal “red flags” (typos, poor grammar, lack of corporate signature), because mobile devices are often “excused” from triggering them.

BEC Scam Facts

Keeping a close watch on cybercrime – particularly BEC scams – the FBI compiled the following statistics, as reported from 2016:

  • BEC scams have occurred in every U.S. state, and in a minimum of 80 countries;
  • More than 17,000 people were victims of BEC scams from From October 2013 to February 2016, with losses exceeding $2 billion USD;
  • There has been a 270 percent increase in exposed losses and identified victims of BEC scams since January 2015.

Minimize Your Risk Through Education

Educate employees about the various ways in which criminals target financial institutions and their workforces will add an extra layer of protection. Be sure to:

  • provide employees with proper, accurate and thorough training about targeted cybercrime, and ways to validate the legitimacy of correspondence.
  • require careful monitoring of email addresses, to help avoid spoofing attempts.
  • stress the importance of questioning anything suspicious. Regardless of the instruction received in email, encourage employees to ensure the validity of the request through contact with the implied sender, or his/her designated representative
  • utilize two-factor or multi-level authentication procedures for every wire transfer, regardless of situation or circumstance.

At IMS, we sincerely care about the protection and privacy of your data, employees, and members. We work with credit unions nationwide, to assist in minimizing risks and maintaining the safety of your data. If you would like to discuss how we can help protect you against financial cybercrime, contact us today or complete the form below!

Contact