Home / News / FFIEC Notes Inherent Risk, Preparedness as Cybersecurity Factors for Financial Institutions

FFIEC Notes Inherent Risk, Preparedness as Cybersecurity Factors for Financial Institutions

cybersecurityThe Federal Financial Institutions Examination Council says that financial institutions should focus their cybersecurity measures on managing inherent risk factors and engage executive leadership in evaluating an institution’s preparedness.

FFIEC said in a report published Monday that it conducted a cybersecurity assessment of 500 financial institutions earlier this year and found that inherent risk varies based on operational factors such as connection type, technologies, and product and service offerings.

Institutions should consider these factors and determine if their existing connections, offerings and technologies add to the inherent risk and if they can manage these factors amid the changing threat landscape, the council said.

It also added that risk management and oversight, collaboration on threat intelligence, cybersecurity controls, limited external dependence, and incident management and resilience are important practices to adopt to bolster preparedness.

FFIEC noted that the board of directors and senior management should be involved in discussing an institution’s capabilities and vulnerabilities and deciding on areas that need further work.

Check Also

FirstNet Follows Strict Certification Process for Apps

Mark Golaszewski, executive director of technology and innovation for the First Responder Network Authority, said the vetting process for FirstNet’s application catalog is stricter than that for commercial apps, GovTech reported Monday.

Leave a Reply

Your email address will not be published. Required fields are marked *