On July 14, 2016, Chairman of the US FDIC Martin J. Gruenberg testified before the Committee on Science, Space and Technology of the US House of Representatives regarding the FDIC’s approach to cybersecurity, generally as well as in light of two recent security incidents that prompted audits by the Office of Inspector General (OIG). The first security incident involved a former FDIC employee’s attempt to transfer copies of sensitive resolution plans from the internal network onto an unencrypted removable storage drive. The second incident involved a former FDIC employee who copied large quantities of sensitive FDIC information, including personally-identifiable information of bank customers, to removable media. During his testimony, Gruenberg discussed the results of the OIG audits and discussed in detail how the FDIC plans to revise its existing information security policies to ensure that similar breaches do not reoccur. Gruenberg emphasized that “an effective FDIC information security and privacy program is critical to [the] mission of maintaining stability and public confidence in the nation’s financial system,” and assured the Committee that the FDIC is taking all necessary steps to minimize future cybersecurity threats.
Chairman Gruenberg’s statement is available at: https://www.fdic.gov/news/news/speeches/spjul1416.html