NCUA Vice Chairman Kyle S. Hauptman
As Prepared for Delivery on October 21, 2021
Thank you, Ernie.
Cyberattacks are a fact of life for individuals, businesses, utilities, hospitals, schools, and governments. Not only are they pervasive, but the bad actors are continually shifting the goalposts making difficult to stay ahead of them. As I stated at last month’s board meeting, none of us want to be the weak link when it comes to cybersecurity.
NCUA’s exam team has been stressing cybersecurity for several years now. I want to congratulate staff on the development of the Automated Cybersecurity Evaluation Toolbox (ACET). It is comprehensive and robust. And I especially appreciate that it was built to evolve.
While I understand that the responsibility for cybersecurity rests with each individual credit union, I’d like to suggest that credit unions who make the effort to assess their level of readiness with ACET, or some other comparable tool, get some sort of credit for it. I realize the examiner can’t exempt a credit union if there is a problem but using ACET or some other tool can help the credit union find and close those gaps sooner. Finding problems and fixing them is the goal.
Thank you, Mr. Chairman, that concludes my remarks.