Skip to Content

Cybersecurity testing for credit union

April 23, 2017 Case Study 1 min read
A regional credit union strengthens security environment, passing its regulatory exam with flying colors.

 Image of people meeting

The client

A mission-based credit union with 10 branches and nearly $500 million in assets.

The challenge

While the credit union had a history of clean IT audits, it was seeking support from cybersecurity experts to identify areas for improvement. In addition to simply being compliant, it wanted to ensure its IT security was as strong as possible — and with a small staff, it knew it would need outside help to do that.

The solution

Our cybersecurity team conducted multiple audit and penetration tests to identify areas where the credit union’s IT security could be strengthened. The team worked with the credit union to identify potential cybersecurity threats and recommended policies and procedures that would eliminate them before its next regulatory exam. We scheduled remediation testing within six months of the initial audit to confirm that the new procedures were effective and the organization’s security environment was strong.

The benefit

Our recommendations resulted in several benefits for the credit union, including:

  • Improved policies for system access rights and documentation procedures
  • A robust vendor management program
  • An effective patch management process for third-party applications
  • Overall realignment of management structure for IT and information security

After implementing our recommendations, not only did the credit union receive a clean report during our remediation testing, but it improved its security environment and passed the regulatory exam with flying colors. Management continues to work closely with our team, ensuring security remains a key piece of ongoing operations.

Related Thinking

Financial staff members discussing GLBA Safeguards Rule Updates for higher education.
September 11, 2023

GLBA Safeguards Rule updates for higher education

Article 4 min read
Group of business professionals discussing the effectiveness of FDIC’s InTREx exams.
September 8, 2023

Bank Director: Is the FDIC’s IT exam effective?

Article 5 min read
Group of cybersecurity professionals going over the basics of SOC examinations.
August 11, 2023

SOC 101: the basics, best practices, and benefits of a SOC examination

Article 6 min read