Two NCUA Cybersecurity Examiners Tell Us What They're Looking For in 2026 episode artwork

EPISODE · May 13, 2026 · 53 MIN

Two NCUA Cybersecurity Examiners Tell Us What They're Looking For in 2026

from Breaches & Brews · host Rivial Data Security

We sat down with two NCUA Regional Information Security Officers to ask them point blank: what are you finding in exams, what do you want credit unions to fix, and what does "good" actually look like?Charles has been with the NCUA for 27 years. Murray left the agency, worked at a credit union, and came back. Between them, they've examined institutions from $50 million to $13 billion in assets. They don't hold back.In this episode, they walk through the most common deficiencies from 2025 exams (access controls, MFA gaps, vendor incident response), explain why expressing cyber risk in dollar terms is the single most important thing you can do for your board, and share what they're actually looking for on AI governance right now - even though the NCUA itself is still catching up.If you're prepping for an exam, presenting to your board, or trying to figure out what to do about AI, this is the episode.Resources we mentioned: 📘 How to Measure Anything in Cybersecurity Risk - Douglas Hubbard & Richard Seiersen 📊 Free Cyber Risk Assessment - rivialsecurity.com/cyber-risk-assessment 📄 AI Risk Management Whitepaper - rivialsecurity.com/resources 📋 AI Governance Assessment (NIST AI RMF) - rivialsecurity.com/resources 👥 Private Community for CU & Bank Leaders - rivialsecurity.com/community🔗 rivialsecurity.com 📅 Book time with our team: rivialsecurity.com/contact-us#NCUA #CreditUnion #CyberRisk #CreditUnionPodcast #AIGovernance #RiskManagement #BoardReporting

We sat down with two NCUA Regional Information Security Officers to ask them point blank: what are you finding in exams, what do you want credit unions to fix, and what does "good" actually look like? Charles has been with the NCUA for 27 years. Murray left the agency, worked at a credit union, and came back. Between them, they've examined institutions from $50 million to $13 billion in assets. They don't hold back. In this episode, they walk through the most common deficiencies from 2025 exa...

NOW PLAYING

Two NCUA Cybersecurity Examiners Tell Us What They're Looking For in 2026

0:00 53:22

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Breaches & Brews?

This episode is 53 minutes long.

When was this Breaches & Brews episode published?

This episode was published on May 13, 2026.

What is this episode about?

We sat down with two NCUA Regional Information Security Officers to ask them point blank: what are you finding in exams, what do you want credit unions to fix, and what does "good" actually look like?Charles has been with the NCUA for 27 years....

Can I download this Breaches & Brews episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!