Oct 18

2016

While Weather Gets Cooler, Banking Cybersecurity Concerns Heat Up

By Great Bay Software

October is National Cyber Security Awareness Month (NCSAM) – targeted to educate banking customers. The Homeland Security website states, “NCSAM is designed to engage and educate public and private sector partners through events and initiatives.”

Community banks are using this annual campaign as an opportunity to demonstrate measures they are taking to safeguard customer data, which makes it a good time to review some of the ABCs of regulatory compliance and resources.

“The smartest banks will show how security is at the heart of their online operations in order to build confidence and trust amongst existing customers, while at the same time attracting new ones,” according to NTT Security.

How do you work through the maze of laws and regulations such as Sarbanes-Oxley, GLBA, OCC and FDIC, just to name a few? Many community banks find the FFIEC (Federal Financial Institutions Examination Council) to be an important resource. The FFIEC describes its role as “a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions”. The council members are:

  • FRB (Board of Governors of the Federal Reserve System)
  • FDIC (Federal Deposit Insurance Corporation)
  • NCUA (National Credit Union Administration)
  • OCC (Office of the Comptroller of the Currency)
  • CFPB (Consumer Financial Protection Bureau)

The FFIEC Cybersecurity Assessment Tool is a valuable resource for financial institutions to assess their own risk and develop an overall Cybersecurity strategy and plan.

The tool is designed to provide a measurable and repeatable process to measure an institution’s level of cybersecurity risk and preparedness. First, it offers a framework to identify risks. After creating an “Inherent Risk Profile”, the tool assists the user in determining the level of solution maturity and recommends actions within each of the following five domains:

  1. Cyber Risk Management and Oversight
  2. Threat Intelligence and Collaboration
  3. Cybersecurity Controls
  4. External Dependency Management
  5. Cyber Incident Management and Resilience

At Great Bay Software, we focus on providing solutions that fall within the “Cybersecurity Controls” domain.

I’m interested in learning if and how you use the FFIEC Assessment Tool, and the results you are achieving. Please comment below or contact me at sales@greatbaysoftware.com.

Endpoint Innovation Needed for Financial Institutions

Comments

Related Posts

Sep 18

2017

Enabling Audits and Cybersecurity Compliance

In common with the larger financial services industry, credit unions also continue to be a top target for cyberattacks. The risks are high and the consequences are costly. Given this, the NCUA...

Sep 07

2017

Delivering Significant IoT Security Enhancements

Expanded Network Infrastructure Support, Enhanced UX and Data Reporting and Advanced MAC Spoofing Detection We recently announced our Beacon Product Suite version 5.2. With this release, we deliver...

Jan 10

2017

5 Security Predictions for 2017: What Will be Your Greatest Risk?

Welcome to the New Year. From all of us at Great Bay Software, we wish you a safe and secure 2017. With recent news filled with stories of hacking by government actors, the prevention of cyberattacks...

Subscribe to Blog Updates