It’s Cybersecurity Awareness Month! Protecting Your Credit Union with Recovery Points


Cybersecurity has become an increasingly important subject for financial institutions to invest in and a key component of any successful information security program along with active participation from credit union executives and board members.  Julie Gessner, VP of CMS Sales, recently interviewed key staff at CU*Answers to get their input on hot topics relating to cybersecurity.

Protecting Your Credit Union with Recovery Points

What information can you share with credit unions about protecting themselves with recovery points?

Let’s discuss Recovery Time Objectives (RTOs) and Recovery Pont Objectives (RPOs).

Penetration testing is where a computer system is probed by a test to determine how vulnerable it may be to an attack – it’s a form of legal hacking.  A recovery time objective (RTO) represents the maximum amount of time between a business disruption and the time the process is partially or fully restored.  Accurate recovery time objectives help to ensure that recovery plans properly align with business requirements.

A recovery point objective (RPO) represents the maximum amount of data that can be lost without severely impacting the recovery of operations.  Accurate recovery point objectives help to ensure that data is archived at the appropriate intervals and that vital records are not at risk.

The SSAE 16 report stands for Statement on Standards for Attestation Engagements number 16.  the SSAE 16 replaces SAS 70 as a way for auditors to report on the effectiveness of a service providers controls. – Jim Lawrence

If you have any questions or would like additional information on cybersecurity options available to your credit union, please reach out to us via email at: