How this 1-2 punch to cyber threats impacts your financial institution

by Jesse Boyer

With a year already full of cyber attacks from DDoS to HijackRAT to Emmental—and it’s only August—it shouldn’t be too surprising that regulators and other government agencies are trying to step up their cyber defense game. Enter beefed-up cybersecurity risk assessments and the Cybersecurity Information Sharing Act (CISA). And surprise! Both strategies involve your institution.

Cybersecurity Risk Assessment

This year the Federal Financial Institutions Examination Council (FFIEC) announced the addition of a cybersecurity risk assessment to regular IT examinations. On one hand, these assessments shouldn’t pose too great a burden to your institution, because they evaluate things you likely are doing already—or should be. And if you’re not, this risk assessment isn’t your biggest worry.

On the other hand, many institutions are displeased with the addition of yet another risk assessment. These institutions already feel weighed down by the increasingly burdensome regulations that have come about since Dodd-Frank.

No matter which camp you’re in, you need to know what the FFIEC is expecting. These cybersecurity assessments will begin during exams later in 2014, so it would be prudent for financial institutions to begin preparing now. Luckily, FFIEC representatives broke their expectations down into four areas in a presentation given to over 5,000 CEOs the day after the announcement. (See the video below for more information.)
