The Federal Financial Institutions Examination Council has launched a new web page that aggregates cybersecurity information.
The web page provides links to joint statements, webinars, and other cybersecurity related information from FFIEC's six member agencies: the Federal Reserve, the Federal Deposit Insurance Corporation, the National Credit Union Administration; the Office of the Comptroller of the Currency; the Consumer Financial Protection Bureau, and the State Liaison Committee.
As cyber threats that pose risks to financial institutions increase in volume and become more sophisticated, FFIEC explained in a press release Wednesday, FFIEC agencies are taking a number of steps to raise awareness about these risks and the need to identify, assess, and mitigate them.
The web page currently features information about the Cybersecurity and Critical Infrastructure Working Group created in June 2013; a webinar and video on cybersecurity for community institution CEOs launched in May 2014; and joint statements from 2013 and 2014.
Alongside the web page, FFIEC has launched a pilot cybersecurity testing program that state and federal regulators will complete during regularly scheduled examinations at more than 500 community financial institutions.
Information from the pilot effort will assist regulators in assessing how these companies manage cybersecurity and their ability to mitigate cyber risks, the FFIEC says. The regulators are particularly focusing on risk management and oversight, threat intelligence and collaboration, cybersecurity controls, service provider and vendor risk management, and cyber incident management and resilience.
The pilot is also expected to help regulators train examiners and determine the appropriate next steps and identify potential gaps in financial supervision, FFIEC noted in the release.