[ISN] FFIEC Cyber Assessments: What to Expect

http://www.bankinfosecurity.com/ffiec-cyber-assessments-what-to-expect-a-6831 By Tracy Kitten Bank Info Security May 12, 2014 The Federal Financial Institutions Examination Council’s new cybersecurity assessments for community banking institutions will be incorporated into the usual IT examination process, regulators say. Industry associations and analysts say banking leaders should be preparing for more stringent oversight of cybersecurity awareness and initiatives. A new work program and assessment tool for cybersecurity will be used in banking institutions’ regularly scheduled IT exams, says Stephanie Collins, spokeswoman for the Office of the Comptroller of the Currency, one of the banking agencies that’s part of the FFIEC. “[This] will allow us to develop a baseline assessment across the sector of how they are managing cybersecurity risks,” she says. “In order to ensure that we comprehensively assess the cybersecurity environment in which financial institutions operate, we also plan to involve a number of the most critical technology service providers.” On May 7 and 8, the FFIEC and the Office of the Comptroller of Currency announced plans to launch a pilot program for new cybersecurity assessments by the end of this year (see FFIEC Plans Cybersecurity Assessments). […]