Saturday, June 28, 2014

FFIEC Cybersecurity Assessments Begin

FFIEC Cybersecurity Assessments Begin
500 Community Institutions to Be Examined in Pilot

The Federal Financial Institutions Examination Council has started its cybersecurity assessment pilot program, which will examine more than 500 community banking institutions. Plus, the council has launched a Web page dedicated to cybersecurity information.

The pilot program is slated to run through July, says Stephanie Collins, spokesperson for the Office of the Comptroller of the Currency.

The aim of the pilot program is to help smaller banking institutions address potential security gaps. The assessments will be conducted by state and federal regulators during regularly scheduled examinations, the FFIEC says.

"Information from the pilot effort will assist regulators in assessing how community financial institutions manage cybersecurity and their preparedness to mitigate increasing cyber risks," the council says.

Areas the regulators will be focusing on during the cyber-assessments include risk management and oversight; threat intelligence and collaboration; cybersecurity controls; service provider and vendor risk management; and cyber-incident management and resilience.

"Another aim of the pilot is to help regulators make risk-informed decisions to enhance the effectiveness of supervisory programs, guidance and examiner training," the FFIEC says.

Read more here.

No comments: