News

New cybersecurity Web page links FIs to risk-management resources

A new FFIEC Web page will serve as a central repository for materials on cybersecurity, as well as links to statements, webinars and other useful security information.

June 24, 2014

The Federal Financial Institutions Examination Council is taking steps to raise awareness of cybersecurity risks at financial institutions, as well as the need to identify, assess, and mitigate these risks in light of their increasing volume and sophistication.

To this end, the FFIEC today launched a Web page dedicated to cybersecurity, according to a news release. The page serves as a repository for FFIEC-related materials on cybersecurity, and provides links to joint statements, webinars and other information that can be of help to financial institutions.

The launch of this Web page coincides with a pilot program at more than 500 community institutions, to be conducted by state and federal regulators during regularly scheduled examinations.

Information from the pilot effort will help regulators assess the management of cybersecurity at community FIs and gauge their preparedness to mitigate increasing cyber risks. Regulators are focusing particularly on risk management and oversight, threat intelligence and collaboration, cybersecurity controls, service provider and vendor risk management, and cyber incident management and resilience.

An additional goal of the pilot is to help regulators make risk-informed decisions to enhance the effectiveness of supervisory programs, guidance and examiner training.