New FFIEC Cyber Exams: What to Expect

"It looks like additional emphasis will be placed on how the bank is monitoring and sharing information about current cyberthreats, and third-party access to internal network resources," likely a reaction to the Target Corp. breach, McHugh says.

Joram Borenstein, a cyber-fraud expert and vice president at NICE Actimize, which provides compliance services to banks and credit unions, says institutions just need to appreciate that the cyber landscape has changed.

"Banks are sharing information and trends informally, and have been doing so for years. What is different now is that the sharing communities have become larger, and the government is also supporting this sharing in a much more robust manner than ever before," he says. "Institutions should assume cybersecurity will become an increasingly regulated area to be handled in the same way other areas of compliance are handled."

Read more here.

Comments