The system aggregates event data across all cybersecurity tools and links policies to real-time alerts so that financial institutions can prove to regulators they are both secure and compliant with evolving FFIEC
cybersecurity requirements as well as with other regulations and their own policies.
Cybersecurity Assessment Tool provides a mechanism for organizations to assess their cyber readiness and maturity against industry baselines, effectively comparing themselves (anonymously) with their peers.
On June 30, 2015 the Federal Financial Institutions Examination Council (FFIEC
) released its much awaited Cybersecurity Assessment Tool which is designed to help financial institutions and regulators identify cybersecurity attack risks and to measure security preparedness as well.
In 2013, the FFIEC
published a recommended guide regarding social media that is meant to help financial institutions navigate compliance intricacies when using this communication channel (www.fdic.gov/news/news/financial/2013/fill3056.html).
draft regulations warn that financial institutions should be prepared to address the potential impact of negative comments on social media platforms, even if they don't post to social media themselves.
Before there was guidance from the FFIEC
, the majority of states used Uniform Commercial Code [section] 4A-202 (21) to establish the burden for any loss that occurred during the transfer of funds through online banking.
EXAMINATION COUNCIL, IT EXAMINATION HANDBOOK: INFORMATION SECURITY (2006), available at http://ithandbook.ffiec.gov/ITBooklets/ FFIEC_ITBooklet_InformationSecurity.pd f[hereinafter FFIEC
Information Security]; see also COBIT, supra note 36.
Cross-border exposures of bank holding companies are reported on the FFIEC
009, Country Exposure Report.
Trusteer, the leading provider of cybercrime prevention solutions, today announced that NEFCU has selected Trusteer Rapport to protect its retail banking members against cybercrime and meet new FFIEC
Guidelines for online banking security.
's 2005 recommendations on authenticating banking transactions focused on multi-factor authentication, which requires account holders to provide a user name and password, plus an additional identifier, such as information known only to the account holder or a code generated by a token, to access accounts.
That clarification was among the provisions of the FFIEC
The software was initially released with mappings to FDIC, OCC, OTS, NCUA, Federal Reserve, and FFIEC
information security regulations, examination handbooks, and guidance.