On November 3, 2014, the U.S. Federal Financial Institutions Examination Council (“FFIEC”) released observations from the recent cybersecurity assessment. During the past several months, FFIEC members led a cybersecurity assessment within 500 community institutions in order to gauge the institutions’ ability to alleviate cybersecurity risks. The “FFIEC Cybersecurity Assessment General Observations” includes questions that senior management may consider when examining their institutions’ cybersecurity preparedness.
The FFIEC also recommended that regulated financial institutions participate in the Financial Services Information Sharing and Analysis Center (“FS-ISAC”) as part of their process in identifying and assessing their cybersecurity risks. The FSISAC is a medium created by financial services industry participants in order to share information regarding threats to cybersecurity.
The FFIEC Cybersecurity Assessment General Observations is available at: http://www.ffiec.gov/press/PDF/FFIEC_Cybersecurity_Assessment_Observations.pdf.
The Cybersecurity Threat and Vulnerability Monitoring and Sharing Statement is available at: http://www.ffiec.gov/press/PDF/FFIEC_Cybersecurity_Statement.pdf.