Information Security
Trusted Leadership
Idrees Rafiq, VP, IT Security & Risk Management
We are Ready to Help
We can help you stay compliant and manage risk.
Existing client? Contact us for assistance.
Cost-Effective. Secure. Savvy.
Cornerstone Resources cultivates connections with NCUA, Federal Bureau of Investigation, Department of Homeland Security, and other law enforcement entities to gather information on current and potential threats that can be shared with credit unions to enhance their security position.
We also partner with experts including Blackswan Cybersecurity to support your credit union in establishing solid cyber hygiene, protect against cybersecurity treats, and fulfill regulatory and contractual cybersecurity monitoring requirement, while being budget conscious. Learn more about Blackswan.
Our experts can augment your existing team, act as your IT staff, or serve as your CIO, enabling you to focus on your members. Our technology professionals are also highly qualified and include employees with certified information systems auditor designations.
Why Choose Us?
Reduce and better manage operational and cybersecurity risks
Partner with an organization that only serves credit unions and understands your needs
Save money with more affordable rates
Earn a measurable return on investment
Services
The National Credit Union ISAO has partnered with the Cornerstone Credit Union League and Cornerstone Resources to offer discounted membership to League members! Fill out this form to learn more about NCU-ISAO member benefits or to start the process of becoming a member.
Learn More & become an NCUA-ISAO Member
The Phishing program is designed to empower employees with the knowledge and skills needed to protect sensitive information, prevent security breaches, and foster a security-conscious workplace. By participating in this program, employees will become more vigilant, recognize potential threats, and adopt secure practices.
The IT Controls Review is designed to ensure the effective implementation of security controls and to maintain compliance with industry best practices and regulatory standards. The controls review aims to enhance the organization's security posture and meet compliance requirements from various federal and state regulatory bodies.
Assess current Internet connections to identify points of weakness that leave the credit union exposed to external threats that may be a result from hackers, network viruses and more in fulfillment of NCUA’s Letter to Credit Unions, e-Commerce Guide to Credit Unions 02-CU-17.
Evaluate the risk of compromising member information in fulfillment of the NCUA Regulation 748 Appendix A and B in accordance with section 501 and 505(B) of the Gramm Leach Bliley Act (GLBA) to include physical, administrative, and technical security guidelines and standards as well as e-commerce services that are provided to your members. This service also includes an Information Security Policy & Program ready for board approval.
Multi-year contracts include ongoing compliance assistance with regards to information security.
Cybersecurity Resources
- NCUA Cybersecurity Resource Center
Central hub for credit unions to access tools, guidance, and best practices to enhance cyber resilience.
ncua.gov/regulation-supervision/regulatory-compliance-resources/cybersecurity-resources
- CISA Cybersecurity Best Practices
Explore CISA’s Cybersecurity Best Practices for actionable guidance on securing systems, reducing risk, and building cyber resilience.
cisa.gov/topics/cybersecurity-best-practices
- CISA Cybersecurity Performance Goal (CPG) Assessment
Assess your organization’s cybersecurity maturity and prioritize high-impact actions using CISA’s Cybersecurity Performance Goals (CPG).
cisa.gov/sites/default/files/2023-03/cisa_cpg_checklist_v1.0.1_final.pdf
- CISA SCuBA Project – Secure Cloud Business Applications
Provides secure configuration baselines and tools for Microsoft 365 and Google Workspace environments.
cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
- CIS Critical Security Controls
A prioritized set of cybersecurity best practices to help organizations defend against common threats.
cisecurity.org/controls
- NIST Computer Security Resource Center (CSRC)
Access NIST’s cybersecurity standards, guidelines, and research to support secure information systems.
csrc.nist.gov
- FFIEC IT Examination Handbook InfoBase
Provides IT examiners and financial institutions with training and reference materials on IT risk management.
ffiec.gov/node/33
- Stay Safe Online – National Cybersecurity Alliance
Offers practical guides, videos, and toolkits to help individuals and families stay safe and private online.
staysafeonline.org/resources/online-safety-and-privacy
- STOP. THINK. CONNECT. Campaign
A national public awareness campaign promoting safer online behavior and cybersecurity best practices.
stopthinkconnect.org
- SANS Cybersecurity Posters and Cheat Sheets
Download high-impact posters and cheat sheets from SANS Institute to reinforce cybersecurity awareness, technical skills, and leadership strategies.
sans.org/posters
- NCU-ISAO – National Credit Union Information Sharing & Analysis Organization
Learn about membership benefits for Cornerstone League members and discover how NCU-ISAO facilitates cyber intelligence sharing within the national credit union community.
ncuisao.org/cornerstone-contact
- FBI InfraGard Program
A public-private partnership that connects critical infrastructure stakeholders with the FBI for threat sharing and education.
infragard.org
- Secret Service Field Offices & Cyber Fraud Task Forces
Locate your nearest Secret Service field office and learn about their Cyber Fraud Task Forces (CFTFs) that combat cyber-enabled financial crimes.
secretservice.gov/contact/field-offices