October 7, 2025—Tens of trillions of consumer dollars flow through U.S. banks and credit unions each year across domestic and global money movement rails and payment channels. As of 2024, there were more than 12,000 fintech companies—digital banking and payments, cryptocurrency and blockchain, and related applications—in North America. Money is moving faster and faster, and more and more our data and our money is digitally connected. This convenience comes at a cost. These transactions and the systems that support them are under constant threat from cyber attacks.
October is Cybersecurity Awareness Month, and this year’s theme, “Building a Cyber Strong America,” highlights the need to strengthen the nation’s infrastructure against cyber treats. The financial services industry plays a critical role in providing consumers and businesses access to secure digital banking platforms and payment channels, safeguarding their and our monetary assets and data, and educating ourselves and our public about these threats to proactively, and collectively, defend against them. This year, Cybersecurity and Infrastructure Security Agency (CISA), the federal agency leading the campaign, has provided specific resources for businesses and institutions that own, operate, or support critical infrastructure. The agency’s guidance emphasizes the importance of clear policies, regular employee training, and engagement from leadership, IT, and vendors.
Essential cybersecurity practices include:
- Updating software to protect against known vulnerabilities
- Teaching employees and consumers to identify and avoid phishing and other targeted attacks
- Enforcing the use of strong passwords across all systems and platforms
- Requiring multifactor authentication
To strengthen security in organizations, the agency reminds us that it is also important to use logging and monitoring to detect suspicious activity, back up data to ensure quick data recovery, and to encrypt data.
The stability and security of financial institutions and financial service providers is key to preventing widespread economic disruption. We encourage you, our clients and partners, to explore and share CISA’s 2025 Cybersecurity Awareness Month Toolkit, which includes communications templates for presentations and traditional and social media, and their short Nine Ways to Stay Safe Online video. Financial institutions are also encouraged to take advantage of cybersecurity assessment tools* available, including, but not limited to NCUA Automated Cybersecurity Evaluation Toolbox, https://www.nist.gov/cyberframework, CISA Cybersecurity Performance Goals (Financial Sector-Specific Goals slated for Winter 2025 release), Cyber Risk Institute Cyber Profile 2.1, and the Center for Internet Security Controls.
We remind our members that EasCorp undergoes annual independent audits of our own operating systems, processes, and system controls. Our audit and SOC reports meet the most demanding standards of vendor due diligence for a regulated financial institution. These reports and other confidential information are available to authorized users on the Due Diligence page of our secure web portal.