Credit Union-Focused Cybersecurity Organization Launched to Sustain Industry’s Cyber Resilience

Share Article

The National Credit Union Information Sharing & Analysis Organization (NCU-ISAO), officially announced its launch today to advance global credit-union cyber resilience, real-time cyber threat intelligence information sharing, coordinated response, best practice adoption and education. The NCU-ISAO is headquartered at the Global Institute for Cybersecurity + Research (GICSR) Global Situational Awareness Center at NASA/Kennedy Space Center and is a member of the International Association of Certified ISAOs (IACI).

The National Credit Union Information Sharing and Analysis Organization (NCU-ISAO) officially announced its launch today with a mission to advance credit union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global credit union community.

Credit unions represent a major segment of the global financial services critical infrastructure. As credit unions increasingly leverage technology and telecommunications to better serve their members, and as they also continue to face more cyber regulatory scrutiny, the need to manage cybersecurity risk rises as a critical priority for the industry.

"This is the first operational and threat intelligence sharing organization dedicated wholly to credit unions,” said Gene Fredriksen, Executive Director of the NCU-ISAO. “Just as credit unions exist to serve the needs of their communities, the NCU-ISAO exists to serve credit unions’ needs in the cybersecurity space. Because the information sharing needs for credit unions encompass more than just cyber threats, the NCU-ISAO will support innovative, member driven initiatives around benchmarking, process improvement, and regulatory strategies."

Protecting the credit union’s global infrastructure to sustain cyber resilience requires an unprecedented level of public- and private-sector cooperation, collaboration and coordination and includes access to the real-time availability of proactive “actionable” threat intelligence; analysis of potential impacts; coordinated countermeasure solutions and response; cybersecurity best practice adoption and role-based workforce education.

“In cybersecurity resiliency we need to continuously up our game—the hackers certainly are,” said Jeff Johnson, CIO, BCU. “To optimize our defenses, we need to know what to do and when—but the constantly changing threat landscape creates something akin to a dynamically changing jigsaw puzzle. Having a credit union collaborative entity gathering data from across the entire threat landscape will help us make better decisions on where we focus our investments and thus our resiliency.”

As an integral cyber resilience nexus and communication channel, the NCU-ISAO represents a collaborative, member-driven independent non-profit organization that enables credit unions to participate in a globally trusted community that enhances security protection efforts. The NCU-ISAO is the first Information Sharing organization created exclusively to address threats and operational intelligence issues that are unique to credit unions. The NCU-ISAO will provide services that help credit unions of all sizes accelerate the maturity of their cyber security and compliance programs, including:

  • Identify credit union-specific cybersecurity risks; define risk-reducing cost-effective mitigation strategies, metrics, effective controls, sector differentiation, forecasting, trending, modeling, comparison to peers and best practice adoption
  • Detect, aggregate, analyze, prioritize and share threat and vulnerability intelligence
  • Provide information, intelligence and benchmarking information related to NCUA, FFIEC, PCI and other related regulatory guidance, including the effective use of self-assessment tools
  • Advance credit union access to manual or automated real-time security situational awareness; threat intelligence information sharing of cyber threat indicators; incidents, observables, threat actors, tactics/techniques/procedures, exploit targets and campaigns
  • Enhance the opportunity for all credit unions to participate in the sharing community via next generation technology designed for NCU-ISAO intelligence that enables automatic detection, alerting, and sharing back of intelligence (“sightings”) to the NCU-ISAO. Credit unions are able to see the threats the credit union community sees, as well as threat (sightings) within their credit union, eliminating the need for additional security tools or hiring a threat intelligence analyst.
  • Provide incident response unified and secure real-time command and control communications via landline, cell, text, email, secure voice and video, and mobile two-way radio in support of response planning, exercises, incident repost and member-to-member communications
  • Support adoption of cyber resilience best practices via development and implementation of Credit Union Cyber Resilience Operational Guidance
  • Underpin credit union cyber resilience via development and implementation of role-based workforce education

“This is our time to act once and affect many,” said Bob Bender, Chief Technology Officer, Founders Federal Credit Union. “The amount of information flooding our Cyber Resilience Program today is overwhelming. We have an opportunity to quiet the noise and safeguard the Personal Identifiable Information our members entrust us with today. I am excited to be part of such a diverse and talented team working together to bring a disruption to the cybersecurity insecurity we battle every day of our careers.  This is what credit unions helping credit unions is all about.”

The NCU-ISAO is a member of the International Association of Certified ISAOs (IACI), leveraging a private sector-led global cyber threat intelligence infrastructure working in collaboration with government (U.S. DHS, etc.), headquartered at the Global Institute for Cybersecurity & Research (GICSR) Global Situational Awareness Center at NASA/Kennedy Space Center. IACI advances cyber information sharing through guidance, operations and technologies for ISAO’s worldwide to share information, coordinate response, provide mutual assistance and benefit from economies of scale.

“Credit unions are an integral part of the community network that forms our way of life. As such, it is critical that sub-sectors like credit unions unite to assure the cyber resilience of threats unique to them,” said Michael Echols, CEO of the International Association of Certified ISAOs (IACI), most recently the Director of the Cyber Joint Program Management Office, U.S. Department of Homeland Security.

For more information on becoming a member of the NCU-ISAO, please visit, or contact Brian Hinze, brian.hinze(at)ncuisao(dot)org.

About the NCU-ISAO:

The NCU-ISAO, a 501(c)6 non-profit organization, strengthens credit union cyber resilience through leadership and a sustainable infrastructure that inspires and facilitates cooperation, collaboration and coordination. Global Situational Awareness Center, NASA/KSC, Florida.

Founding credit union sponsors of the NCU-ISAO include Founders Federal Credit Union and BCU.

The International Association of Certified ISAOs (IACI) promotes worldwide ISAO information sharing through guidance and services supporting government and industry reduction of cyber risks. Learn more at

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Deborah Kobza
+1 904-476-7858
Email >

Brian Hinze
Visit website