The FFIEC recently updated the IT Examination HandBook – Retail Payment Systems. The new information can be found in Appendix E “Mobile Financial Services”. Mobile financial services are growing in popularity and are radically changing how consumers pay for goods and services. Convenience is key; however, that means new threats and risks are introduced into a consumer’s life. Contine reading
FFIEC
FFIEC Releases Statement on Cyber Attacks Involving Extortion
Members of the Federal Financial Institutions Examination Council issued a statement alerting financial institutions to the increasing frequency and severity of cyber attacks involving extortion. The statement includes steps financial institutions should take to respond to these attacks and highlights resources that can be used to mitigate the risks posed by such attacks.
Cybersecurity Assessment Tool: An Update
The FFIEC issued a tool in June of this year to aid financial institutions (FI) in identifying and mitigating cyber risks. The verdict is still out on whether or not this tool is a requirement, highly recommended or completely optional. Upon first look at this tool in PDF format, it can appear confusing and cumbersome. So let’s first break down the pieces of the CAT and then I’ll explain how Traina & Associates can help you with your CAT if you choose to implement this at your FI. Contine reading
FFIEC – New Cybersecurity Assessment Tool
FFIEC released a Cybersecurity Assessment Tool to help financial institutions assess and mitigate current and future cybersecurity risks.
http://www.ffiec.gov/cyberassessmenttool.htm
FFIEC Checklist – Destructive Malware and Cyber Attacks
The FFIEC (Federal Financial Institutions Examination Council) released two statements regarding two critical threats, destructive malware and cyber attacks to obtain compromised credentials. These statements do not serve as new guidance or regulatory expectations; however, they identify specific controls to mitigate the risks related to malware and cyber attacks.
Contine reading