Cybercrime is an unfortunate reality in our world today. It is something that has become common language, and many Americans have become fatigued and numb to the continuous cyberthreats.
This is why Data Privacy Day is important to me and my team. It is an opportunity to reinforce to consumers the importance of always being vigilant and allows us to continue the conversation of what we can do to better protect ourselves from cyberthreats.
Throughout my military career of 25 years with the Air Force, I had the opportunity to work in a variety of IT and technology roles, but the positions involving cybersecurity were the most challenging. The scope and magnitude of cyber issues facing our nation became crystal clear to me, and I realized I wanted to continue to work in this important area for a company like USAA after retiring from the military.
At USAA, my team is responsible for protecting our more than 12 million members from cybercrime. It is an honor to serve our military, veterans and their families and help stop more than 9 million cyberattacks and prevent $8.7 million fraud loss daily. This data point makes me proud of our team, but it also reinforces the important fact: Threat is real and never-ending.
Oftentimes, consumers think that they are immune or safe from cybercrime. However, as a veteran, I have been the victim of many data breaches and, most recently, was a victim of the Office of Personnel Management (OPM) breach. In this case, I knew what type of information was compromised from the sensitive information I provided for my security clearance.
The data compromised wasn’t just my information; my family was impacted as well — and received letters from OPM directly. Knowing that my family members were now victims of identity theft for the rest of their lives made me angry. I understand firsthand the frustration of being a victim of identity theft, and I carry it with me every day in protecting our members at USAA. They depend on us, and I know how they would feel if it happened to them on my watch.
I’ve also experienced a wide range of cyberattacks directly, ranging from phishing emails to fraudsters attempting to impersonate me or even call me pretending to be a company I trust. At USAA, we reinforce that fighting fraud is a shared responsibility and try to reiterate some of the key ways to protect yourself from cyber threats:
Multifactor authentication (MFA): The reality is our personal information is already known or easily available. The most effective thing we can do to protect our online accounts is to use strong authentication. If your online account offers options beyond passwords and security questions, please consider them. I use a combination of the random code option — a one-time security code that is texted to me — and biometric options when available, including fingerprint, voice or facial recognition.
Better passwords: When you don’t have access to MFA options, it’s critical to use a strong password that includes a mixture of symbols and letters. The key is to change it up — don’t use the same password for all accounts.
Stay vigilant: Phishing is a common tactic to gain your personal information, and fraudsters prey on individuals hoping the user clicks a link or takes actions without acknowledging red flags. Fraudsters will often call you directly impersonating a credible company. Bottom line, follow your senses. If in doubt, pause to confirm you really want to proceed.
Monitor your info (and your children’s accounts): We tend to focus on steps to avoid identity theft for ourselves but may not think about our children. This is a growing trend and can be difficult to detect and resolve. Make sure to review your information and respond to any security or fraud alerts.
Many individuals may feel online security seems like a lost cause. The reality is that it’s a risk management situation, and we have the ability to minimize some risks by the actions we take, or don’t take. As consumers, we can take control by embracing these tips into our daily lives. Fraud will always exist — the key is to make it as difficult as possible so the fraudster will prey elsewhere.
As the chief security officer at USAA, my team stands strong to protect our members’ information. This commitment requires a 24/7 mindset and offers no room for failure. We have the best talent on our team, and a solid percentage are veterans or military spouses. While we were honored to receive the “Best in Class” award in Javelin’s 2017 Account Safety in Banking Scorecard, we embrace one of the Navy SEALs’ mottos as a top security priority: The only easy day was yesterday. There is no place for complacency when you work in cybersecurity.
• Gary McAlum is Chief Security Officer at USAA. His responsibilities include Information Security & Privacy, Fraud and Financial Crimes Management & Investigations, and Physical Security services. Prior to joining the USAA team in February 2010, he completed 25 years of service in the U.S. Air Force, which included years within the information technology career field.
Please read our comment policy before commenting.