Mar 15, 2024

Information Security Brief - March 2024

Tips for a Hack-Proof Tax Season The IRS identified in 2022 that there were more than 5.5 billion dollars in tax-related scams and an additional 31.6 ...

Read More

← Return to Blog

20 Dec, 2018

Regulatory Update: FFIEC Releases a Cybersecurity Resource Guide for Financial Institutions

Overview

The Federal Financial Institutions Examination Council (FFIEC) has released a Cybersecurity Resource Guide. The newly developed guide provides a variety of resources specifically designed to help the financial sector address cybersecurity risks and threats while enhancing preparedness.

Included in the guide are four categories: assessments, exercises, information sharing, and response/reporting. The guide is a compilation of resources from various agencies such as the FFIEC, Center for Internet Security, Department of Homeland Security, FBI, FDIC, FinCEN, and FS-ISAC, among others.

Action Required

For BankOnITUSA® Client Banks

Banks currently utilizing BankOnITUSA®’s Bankers Private Cloud® services that follow recommendations provided by BankOnIT already have the required resources incorporated into their information technology/security environment.

The Bank’s dedicated account manager at BankOnIT will provide this guide, discuss key points and optional resources when attending the next upcoming IT Committee meeting.

No further action is required at this time.

For Non BankOnIT Client Banks

Most of the guide’s resources are integral for a strong information technology/security environment, and some resources are required. Therefore, banks not using BankOnIT’s Bankers Private Cloud® are strongly encouraged to:

  1. Review the Guide
  2. Assess which resource(s) represent a regulatory requirement
  3. Document any gaps and the follow-up planned actions to meet regulatory requirements
  4. Track and document findings from assessments and mitigate risks
  5. Implement a process to monitor and respond to security alerts from FS-ISAC and similar agencies that are applicable to financial institutions.
  6. Determine which optional actions the bank could utilize to further strengthen the technology/security program (staffing increases, policy changes, risk assessment modifications, committee and board reviews, and budget modifications)
  7. Implement the necessary resources or actions to increase the bank’s cybersecurity resilience.

Should you have questions, please contact BankOnITUSA® at Solutions@BankOnITUSA.com or, 800-498-8877, option 2, to get in contact with BankOnIT’s regulatory and audit assistance personnel.

----

SOURCE
FFIEC – Cybersecurity Resource Guide for Financial Institutions

← Return to Blog

Tags Regulatory Bulletin
Disclaimer

This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.

Search

    Posts by Tag

    See all

    Related Posts

    Regulatory Update: FinCEN and OFAC Issue Advisories

    Summary The US Treasury’s Financial Crimes Enforcement Network (FinCEN) and Office of Foreign Assets Control (OFAC) agen...

    Read more
    Receive BankOnIT Insights.
    Get timely information on cybersecurity, regulation, and other trends impacting your bank.

    About

    Solutions

    Contact

    Social

    © 2023 BankOnITUSA, LLC.Privacy