TMCnet News

FFIEC Launches Cybersecurity Web Page and Commences Cybersecurity Assessment
[June 24, 2014]

FFIEC Launches Cybersecurity Web Page and Commences Cybersecurity Assessment


(Targeted News Service Via Acquire Media NewsEdge) WASHINGTON, June 24 -- The Federal Financial Institutions Examination Council issued the following news release: The Federal Financial Institutions Examination Council (FFIEC) today launched a Web page on cybersecurity (www.ffiec.gov/cybersecurity.htm).The Web page is a central repository for current and future FFIEC-related materials on cybersecurity.



While information security has been a core focus of supervision for decades, the FFIEC members are taking a number of steps to raise awareness of cybersecurity risks at financial institutions and the need to identify, assess, and mitigate these risks in light of the increasing volume and sophistication of cyber threats that pose risks to all industries in our society. The FFIEC Web page provides links to joint statements, webinars, and other information that may help financial institutions when thinking about the issue of cybersecurity.

The launch of this Web page coincides with a pilot program at more than 500 community institutions, to be conducted by state and federal regulators, which will be completed during regularly scheduled examinations. Information from the pilot effort will assist regulators in assessing how community financial insitutions manage cybersecurity and their preparedness to mitigate increasing cyber risks. Regulators are particularly focusing on risk management and oversight, threat intelligence and collaboration, cybersecurity controls, service provider and vendor risk management, and cyber incident management and resilience. Another aim of the pilot is to help regulators make risk-informed decisions to enhance the effectiveness of supervisory programs, guidance, and examiner training.


FFIEC members will continue to assess the risks of cyber attacks to financial institutions and use the information gathered through a number of sources to determine the appropriate next steps and identify potential gaps in financial supervision.

Other recent FFIEC efforts on cybersecurity highlighted on the Web page include: * Creation of the Cybersecurity and Critical Infrastructure Working Group (July 2013) * Joint Statement concerning Microsoft's discontinuation of Microsoft Windows XP (http://www.ffiec.gov/press/pr100713.htm) (October 2013) * Joint Statement on Cyber Attacks on ATMs and Card Authorization Systems (http://www.ffiec.gov/press/PDF/FFIEC%20ATM%20Cash-Out%20Statement.pdf) (April 2014) * Joint Statement on Distributed Denial of Service Attacks (http://www.ffiec.gov/press/PDF/FFIEC%20DDoS%20Joint%20Statement.pdf) (April 2014) * Alert on Open SSL "Heartbleed" Vulnerability (http://www.ffiec.gov/press/pr041014.htm) (April 2014) * Webinar and video on cybersecurity for community institution CEOs (http://www.ffiec.gov/press/pr050714.htm) (May 2014) TNS 30BautistaJude 140625-4776994 30BautistaJude (c) 2014 Targeted News Service

[ Back To TMCnet.com's Homepage ]