Regulatory Update: FFIEC Releases a Cybersecurity Resource Guide for Financial Institutions
The Federal Financial Institutions Examination Council (FFIEC) has released a Cybersecurity Resource Guide. The newly developed guide provides a variety of resources specifically designed to help the financial sector address cybersecurity risks and threats while enhancing preparedness.
Included in the guide are four categories: assessments, exercises, information sharing, and response/reporting. The guide is a compilation of resources from various agencies such as the FFIEC, Center for Internet Security, Department of Homeland Security, FBI, FDIC, FinCEN, and FS-ISAC, among others.
For BankOnITUSA® Client Banks:
Banks currently utilizing BankOnITUSA®’s Bankers Private Cloud® services that follow recommendations provided by BankOnIT already have the required resources incorporated into their information technology/security environment.
The Bank’s dedicated account manager at BankOnIT will provide this guide, discuss key points and optional resources when attending the next upcoming IT Committee meeting.
No further action is required at this time.
For Non BankOnIT Client Banks:
Most of the guide’s resources are integral for a strong information technology/security environment, and some resources are required. Therefore, banks not using BankOnIT’s Bankers Private Cloud® are strongly encouraged to:
- Review the Guide
- Assess which resource(s) represent a regulatory requirement
- Document any gaps and the follow-up planned actions to meet regulatory requirements
- Track and document findings from assessments and mitigate risks
- Implement a process to monitor and respond to security alerts from FS-ISAC and similar agencies that are applicable to financial institutions.
- Determine which optional actions the bank could utilize to further strengthen the technology/security program (staffing increases, policy changes, risk assessment modifications, committee and board reviews, and budget modifications)
- Implement the necessary resources or actions to increase the bank’s cybersecurity resilience.
Should you have questions, please contact BankOnITUSA® at email@example.com or, 800-498-8877, option 2, to get in contact with BankOnIT’s regulatory and audit assistance personnel.