FDIC "Framework for Cybersecurity" Highlights How Financial Institution Information Security Programs Can Better Respond to Evolving Cyber Threats

Authored by Doug Bonner

In February, 2016, the Division of Risk Management Supervision of the Federal Deposit Insurance Corporation (“FDIC”) published “A Framework for Cybersecurity.” The article provides a good “sanity check” for financial institutions to ensure that they are using best practices to manage and update their information security programs as needed to ensure that the programs are prepared for new and emerging cybersecurity threats.  Under the Gramm Leach Bliley Act (GLB Act), and its implementing FDIC Rules (Appendix B) and the Federal Reserve’s Interagency Guidelines Establishing Information Security Standards, financial institutions must develop and maintain an effective information security program. The FDIC article proposes a new cybersecurity framework that proposes to “modify” existing information security programs at financial institutions to address emerging cyber risks” as “the operating environment and threat landscape change.”

Continue reading…(WCSR.com in new window).

Leave a Reply