Regulator creates cybersecurity threat assessment tool for banks

WASHINGTON – In response to the increasingly sophisticated volume of cyber threats, a federal interagency council today launched an assessment tool to help financial institutions identify risk and evaluate preparedness.

The Federal Financial Institutions Examination Council, an interagency body comprising five banking regulators, developed and launched the “Cybersecurity Assessment Tool.” The tool is designed to provide financial institutions “a repeatable and measurable process” to quantify cybersecurity preparedness over time, according to the FFIEC.

“Cyber incidents can have financial, operational, legal and reputational impact. Recently high-profile cyberattacks demonstrate the cyber incidents can significantly affect capital and earnings,” the FFIEC says in its report on the assessment.

High-profile financial institution cyberattacks like last year’s hack of more than 76 million household accounts and 7 million accounts at JPMorgan Chase Corp. highlight an overarching concern and challenge within the industry. Indeed, at a Bank Director’s Bank Audit and Risk Committees Conference in Chicago last month, 91 percent of attendees said their bank boards needed to improve their knowledge of cybersecurity and 42 percent believed their bank’s cybersecurity budget to be insufficient to protect the bank, according to a Bank Director press release.

- Advertisement -

“As part of cybersecurity, institutions should consider managing internal and external threats and vulnerabilities to protect infrastructure and information assets,” according to the FFIEC.

The Federal Deposit Insurance Corp., an FFIEC agency, says it will discuss the new tool with financial institution management during examinations to ensure awareness and to answer any questions.

For more information on the assessment tool, visit the FFIEC website: ffiec.gov/cybersecurity.htm.

No posts to display