WASHINGTON (11/4/14)--A recently conducted cybersecurity assessment from the Federal Financial Institutions Examination Council (FFIEC) came up with five areas of focus that all financial institutions should focus on.
The assessment, conducted over the summer, saw FFIEC members assess more than 500 financial institutions to evaluate their preparedness to mitigate cybersecurity risks.
According to the FFIEC, the assessment supplemented regularly scheduled exams and built upon supervisory expectations contained within existing FFIEC information technology handbooks and other regulatory guidance.
The FFIEC released a document Monday containing themes from the assessment and suggesting questions that chief executive officers and boards of directors may consider when assessing their institutions' cybersecurity preparedness.
These themes are:
The FFIEC also recommended that financial institutions of all sizes participate in the Financial Services Information Sharing and Analysis Center (FS-ISAC) as part of identifying, responding to and mitigating cybersecurity threats and vulnerabilities.
The FS-ISAC is a nonprofit, information-sharing forum established by financial services industry participants to facilitate sharing of physical and cybersecurity threat and vulnerability information between the public and private sectors.