As Prepared for Delivery on September 23, 2021
Thank you, Eugene, for this mid-session briefing on the 2021 budget. The 2020 mid-session budget briefing was delivered at the July Board meeting. Given the massive and unforeseen challenges in 2020, this was quite an accomplishment. I hope the timing of the 2022 midsession budget briefing is closer to what one would expect for a 'midsession' budget briefing.
I wish to comment on the allocation of additional resources to the agency’s cybersecurity efforts. The increasing trend of cyber-attacks that began in 2020 has shown no signs of slowing down in 2021. Colonial Pipeline, Solarwinds, the NBA, insurance companies AXA and CNS, the software platform, Kaseya, and computer manufacturers Quanta and Acer were among many targets of hackers this year.
None of us want to be the weak link when it comes to cybersecurity. It is more critical than ever before to quickly identify threats, protect data, be prepared to safely recover when things go wrong, and assure operations remain intact under any threat.
That said, I’m concerned we are voting on something so critical with barely a week to review. As a board, it is imperative the Board regularly receives and reviews comprehensive information on our cybersecurity efforts. I’d like to call on my fellow board members to ask management to ensure we are regularly provided this comprehensive information on our IT and cybersecurity preparedness.
One final reason cybersecurity is so important is because the NCUA is constantly stressing to credit unions the importance of their cybersecurity. Thus, it is obviously incumbent upon the NCUA to walk the walk and protect our own systems.
Thank you, Mr. Chairman. This concludes my remarks.