BY MIKE RUTH
Don’t let a compromised ATM fleet destroy your credit union’s reputation. To increase your ATM security and to curb cyberattacks, certain processes and planning tips will help keep you in the safe zone. Enlisting everyone at your institution from the C-Suite down is critical. Keep reading for a step-by-step run-down of these strategies.
Credit unions are operating under increased scrutiny by regulators and consumers on security practices and plans. That is why security is top-of-mind for most credit unions. Recently, 74 percent of financial services CEOs cited extreme concern about cyber threats.1 And that’s no surprise given that 37 percent of financial services organizations recently reported a double-digit increase in cyber security incidents. ATM Security Breaches on the Rise When shoring up their cyber defense, credit unions can’t afford to ignore their ATM fleet. From brute force physical attacks to sophisticated cyber malware, credit unions are forced to protect ATMs against a broad range of threats. Recent fi gures from FICO indicate that the number of U.S. ATMs compromised by criminals rose a whopping 546 percent from 2014 to 2015. The general consensus is that this surge is due to criminals working to get in before the EMV migration in the U.S. reaches critical mass to reduce skimming.
However, even after EMV technology is completely in place, one thing is certain: as long as there is cash stored in an ATM, there are people who will attempt to steal it. Creating a successful ATM security plan includes enlisting the help of the executive team, employees and customers.
Boosting ATM Security Starts at the Top
If your ATMs are compromised, perhaps the biggest blow and most difficult to repair will be to your reputation. Fortunately, there are proven steps that your credit union can take to increase ATM security, and starting with the c- suite is the first:
1. Start with the board of directors and the c-suite. Given the scope of the potential impacts of an ATM
2. security breach, security needs to be an explicit part of your enterprise risk management strategy. Involving your c-suite and board of the directors is an important step in the risk management process. Help your executive team understand your ATM risk profile. The impact of ATM security on your institution’s overall risk profile needs to be clearly understood by your board and management. Make sure senior executives have the information and resources they need to properly understand the scope of ATM security needs and what it will take to address them.
Executives don’t want to get into the technical details of what a specific threat does, but they need to be able to quantify what the risk is. This will help them better understand the level of funding that will allow the credit union’s operational teams to properly craft a security policy that will help address threats. Such threats include card skimming, card trapping and “smash and grab” physical attacks in which the perpetrators try to steal the entire machine.