Skip to main content
Promotion: Promotional Banner Image

CUNA and NAFCU are now America’s Credit Unions,
a unified voice for the credit union industry.

Learn More

TraceSecurity 

Compliance, simplified

Who is TraceSecurity?

TraceSecurity has provided over 30,000 examiner approved reports, helping credit unions of all sizes maintain compliance year after year. A CUNA Strategic Services provider since 2006, TraceSecurity helps credit unions with a range of cybersecurity services, including risk assessments, penetration testing and IT audits. With a combination of software and services, TraceSecurity can help credit unions manage their information security program and supplement it with third-party validation. 

How a strategic alliance with TraceSecurity benefits credit unions

TraceSecurity was founded to be a true partner to credit unions navigating the ever-changing landscape of cybersecurity compliance. With dedicated account teams, they establish ongoing relationships with all of their customers to help anticipate, interpret, and respond to requirements. By staying in regular contact, TraceSecurity can ensure the compliance process is simple and straightforward, causing minimal disruption from regular business operations.

Why choose TraceSecurity 

For over 20 years, TraceSecurity has been assisting credit unions with their cybersecurity compliance by offering comprehensive services and auditor approved reports. Their services were designed to test every area of your information security program, from wireless networks and servers to employees and locked doors. With credit unions systems being interdependent, TraceSecurity has the expertise to take the full picture into account and provide reporting and recommendations accordingly.

Connect with TraceSecurity 

Talk to one of our CUNA Strategic Services alliance managers to learn more about TraceSecurity. We’ll help you identify and evaluate the best solution for your credit union. 

on-demand webinar

Webinar: The MGM Cyberattack & Lessons Learned

TraceSecurity

June 14, 2024

Watch this TraceSecurity webinar as they take a deep dive into MGM’s cyberattack to see what can be gleaned from their response and mitigation efforts

article

Lessons Learned From the MGM Cyberattack

TraceSecurity

May 24, 2024

Part Two: Discover how credit unions can take steps to strengthen their defenses and mitigate risk.

article

Lessons Learned From the MGM Cyberattack

TraceSecurity

May 21, 2024

Part One: The simplest social engineering attempt can lead to huge compromise. TraceSecurity has done a deep dive into the MGM cyberattack from last year to see what we can learn from it.

article

2024 Information Security Goals: Your Credit Union's New Year's Resolutions

TraceSecurity

March 13, 2024

Learn how to prioritize cybersecurity initiatives and integrate them into your business strategies.

article

What Is a Configuration Review?

TraceSecurity

December 04, 2023

Configuration reviews are becoming increasingly required for credit unions, at least annually if not quarterly.

article

Beware: The Latest Vishing Tactics

TraceSecurity

November 16, 2023

Vishing continues to be a major threat for credit unions – check out the latest vishing tactics, including voicemails, AI, and ID spoofing.

article

New NCUA Cyber Incident Reporting Rules

TraceSecurity

October 04, 2023

The NCUA made a change to their Cyber Incident Notification Requirements that went into effect September 1. Here's what you need to know.

on-demand webinar

Remote Social Engineering

TraceSecurity

September 14, 2023

Learn about the various types of remote social engineering, why they work and how to be prepared for them in real time.

article

The Importance of Third-Party Risk Assessments and Verification of Controls

TraceSecurity

July 17, 2023

One crucial aspect of risk management is conducting third-party risk assessments and verifying the effectiveness of existing controls.

on-demand webinar

Tabletop Testing

TraceSecurity

June 29, 2023

NCUA's ISE Requirements for tabletop testing - what is it about and how should you handle it?

article

The Importance of Remote and Onsite Social Engineering Testing for Your Organization

TraceSecurity

June 01, 2023

In today's digital age, companies worldwide face a constant barrage of cyberthreats ranging from zero-day exploits to distributed denial-of-service attacks. While cybercriminals continue to refine their tactics, they've also refined their attacks on the human element. Ever-increasingly, organizations have recognized the significance of proactive measures to address these evolving threats. One such measure is social engineering testing, a vital component of an effective cybersecurity posture.

on-demand webinar

NCUA ISE Requirements

TraceSecurity

April 25, 2023

The NCUA has developed new procedures for their risk-based Information Security Examinations (ISE) for credit unions. Your examiner will be using these new procedures for your regulatory examination this year, and we’re here to help you navigate the new normal. We’ve taken the official NCUA regulatory statements and broken them down into the assessments and testing that your examiners will be looking for this year.

article

What Is Tabletop Testing?

TraceSecurity

April 24, 2023

You can’t always know what’s going to happen to your organization, but you have policies and procedures in place to handle the unknown: business continuity plans (BCP), disaster recovery plans (DRP) and/or incident response plans (IRP). Having these plans in place is a great first step, but do you know if your plans will actually work in practice? This is where tabletop testing comes in.

article

NCUA ISE Requirements

TraceSecurity

March 29, 2023

The NCUA has developed new procedures for their risk-based Information Security Examinations (ISE) for credit unions. Your examiner will be using these new procedures for your regulatory examination this year, and TraceSecurity is here to help you navigate the new normal. TraceSecurity has taken the official NCUA regulatory statements and broken them down into the assessments and testing that your examiners will be looking for this year.

white paper

Incident Response Plan: What every Organization Needs to Know

TraceSecurity

February 07, 2023

article

DNS Cache Snooping

TraceSecurity

January 03, 2023

In the present day and age, most employees know that they should not use their company internet for non-business purposes. Most organizations require their employees to read and sign an Acceptable Use Agreement to ensure that they understand what websites can and cannot be accessed.