Always-on security measures provide peace of mind

Canvas Credit Union is fairly convinced that one day, it will undergo a cyber-attack. It doesn’t know when or how, but the Colorado financial institution is confident its defenses are up and ready to prevent a potential breach, regardless of the circumstances.

The 26-branch financial institution can take this bold stance because of security measures it has enacted, which includes partnering with a cybersecurity management solution provider whose niche includes credit unions.


According to the National Cyber Security Alliance, 60 percent of small- and mid-sized businesses that are hacked go out of business within six months. Reasons include a lack of security measures and the mindset they are too small to be on attackers’ radar.

But Canvas Credit Union knows that one breach is one too many and therefore went searching for a vendor that could beef up its security by gaining real-time visibility into all areas of its network – endpoints and network and security devices. Management knew its small staff lacked the bandwidth to find anomalies that might signify a potential breach.

“ With a small staff such as ours, it’s extremely difficult for any one person to focus on one predatory event at a time,”
said Carlos Vazquez, Vice President of Information Technology at Canvas Credit Union. “So, the question was, how do we protect our network from intrusion, social engineering and any other possible attack? We needed a way to aggregate all logs in our network, distill them down and provide security analytics so we know how to better protect our members’ accounts.”

Many financial institutions have turned to Security Incident and Event Management (SIEM) tools; however, they typically lack the ability to have real-time visibility and remediation to the gathered log information. “So, they’re spending $100,000 on a SIEM tool but don’t have anybody looking at the logs, so what good does it do?” Vazquez said.

Further, Canvas Credit Union needed to ensure it could stand up to tightening cybersecurity requirements from the National Credit Union Administration (NCUA) and the Federal Financial Institution Examination Council (FFIEC).


To address these concerns, Vazquez and team went shopping in 2016 for a cybersecurity solution that would enable it to proactively manage cyber exposure while maintaining regulatory requirements. Criteria included vendors that would provide a 24/7 network operations center to supplement the IT department without having to hire full-time staff. Canvas Credit Union found DefenseStorm, a fixed-price, co-managed solution whose sole focus is cybersecurity and cyber-compliance for regional- and community-sized banks and credit unions. When DefenseStorm did a proof of concept, the credit union was sold.

“The proof of concept was pretty amazing,” Vazsquez said. “Even though some of our equipment wasn’t up-to-date, DefenseStorm was writing code right then and there to accomplish what they needed to do to meet our needs.”

DefenseStorm’s TRAC™ (Threat Ready Active Compliance) Team provides the peace of mind Canvas Credit Union leaders were looking for. The TRAC team, which is available 24/7, uses machine learning and rich content to curate threats and triggers most relevant to Canvas Credit Union so it can meet compliance and security needs. What’s more, teams in both companies use the same consoles and dashboards, making it easy to co-manage coverage efficiently.

Plus, the DefenseStorm platform is easy to install and use, and configurable to Canvas Credit Union’s needs, which includes full-cycle regulatory compliance. When examiners ask what’s being done to keep member information safe, Canvas Credit Union IT staff simply shows them.

“Flexibility was key because it allows us to generate any alert we need,” said Manuel Zapien, Director of IT at Canvas Credit Union. “We can create alerts for simple processes, like when a computer is added or deleted from the network. We get more granular with alerts that target any system, such as a firewall.

“Plus, the DefenseStorm solution allows us to show auditors from the NCUA exactly how we protect our members’ personal information and money. We can prove we are looking round-the-clock at logs and firewalls, aggregating this information, and keeping accounts safe.”

In addition to satisfying heightened security regulations externally, Canvas Credit Union IT executive leadership and board members have embraced it as well. Quarterly board meetings include updates on the credit union’s security stance, and Canvas has been pleased with how well the DefenseStorm platform works.


Before its partnership with DefenseStorm, Canvas Credit Union lacked a surefire way to monitor, aggregate and parse logs and find anomalies. It was also unable to fully satisfy regulatory requirements and executive leadership and board member concerns. Today, however, IT team members are confident in its comanaged, easy-to-use, robust cybersecurity framework.

With cyber breaches on the rise, Canvas Credit Union realizes it’s likely only a matter of time before it is hit by a cyber-attack. But with DefenseStorm, Canvas is confident its defenses are ready to go, even beyond regular business hours.

“DefenseStorm is our partner 24 hours a day,” Vazquez said. “When we’re sleeping at 2 a.m., they’re reviewing everything and if an event happens, they’ll let us know. That gives us peace of mind knowing we have a second set of eyes looking at millions of event logs. It’s a relief having a partner always watching our back, ensuring our members remain secure.”

Download the case study
Canvas Credit Union

Canvas Credit Union’s decision to adopt DefenseStorm stemmed from a need to monitor the activity of super users within its network. This request came from the institution’s examiners and auditors, so there was a strong sense of urgency to find an effective solution that would stand up to the tightening cybersecurity regulations from the FFIEC.