The system aggregates event data across all cybersecurity tools and links policies to real-time alerts so that financial institutions can prove to regulators they are both secure and compliant with evolving
FFIEC cybersecurity requirements as well as with other regulations and their own policies.
The
FFIEC Cybersecurity Assessment Tool provides a mechanism for organizations to assess their cyber readiness and maturity against industry baselines, effectively comparing themselves (anonymously) with their peers.
On June 30, 2015 the Federal Financial Institutions Examination Council (
FFIEC) released its much awaited Cybersecurity Assessment Tool which is designed to help financial institutions and regulators identify cybersecurity attack risks and to measure security preparedness as well.
In 2013, the
FFIEC published a recommended guide regarding social media that is meant to help financial institutions navigate compliance intricacies when using this communication channel (www.fdic.gov/news/news/financial/2013/fill3056.html).
The
FFIEC draft regulations warn that financial institutions should be prepared to address the potential impact of negative comments on social media platforms, even if they don't post to social media themselves.
Before there was guidance from the
FFIEC, the majority of states used Uniform Commercial Code [section] 4A-202 (21) to establish the burden for any loss that occurred during the transfer of funds through online banking.
EXAMINATION COUNCIL, IT EXAMINATION HANDBOOK: INFORMATION SECURITY (2006), available at http://ithandbook.ffiec.gov/ITBooklets/ FFIEC_ITBooklet_InformationSecurity.pd f[hereinafter
FFIEC Information Security]; see also COBIT, supra note 36.
Cross-border exposures of bank holding companies are reported on the
FFIEC 009, Country Exposure Report.
Trusteer, the leading provider of cybercrime prevention solutions, today announced that NEFCU has selected Trusteer Rapport to protect its retail banking members against cybercrime and meet new
FFIEC Guidelines for online banking security.
The
FFIEC's 2005 recommendations on authenticating banking transactions focused on multi-factor authentication, which requires account holders to provide a user name and password, plus an additional identifier, such as information known only to the account holder or a code generated by a token, to access accounts.
That clarification was among the provisions of the
FFIEC's Dec.
The software was initially released with mappings to FDIC, OCC, OTS, NCUA, Federal Reserve, and
FFIEC information security regulations, examination handbooks, and guidance.