FFIEC Releases Cybersecurity Resource Guide for Financial Institutions
The Federal Financial Institutions Examination Council (FFIEC), of which the NCUA is a member, released an update to the October 2018 “Cybersecurity Resource Guide for Financial Institutions. (opens new window)”
The programs and tools in the guide are designed for, or otherwise available to, financial institutions. The purpose of this guide is to help financial institutions meet their security control objectives and prepare to respond to cyber incidents. This version replaces the guide from October 2018 and the use of these resources remains voluntary. FFIEC member organizations do not endorse the listed entities or tools identified therein.
Additionally, in recent years, ransomware incidents have become increasingly prevalent. These incidents continue to evolve in severity and complexity impacting the financial sector and other critical infrastructure organizations. To address this evolving threat, the resource guide now includes ransomware-specific resources that can be accessed in combating this ongoing threat.
Cyberattacks and cybersecurity vulnerabilities pose significant risks to the financial system. Because of vulnerabilities within the credit union industry and the broader financial system to potential cyberattacks, cybersecurity is one of the NCUA’s top supervisory priorities and a top-tier risk under the agency’s enterprise risk-management program. The information contained on the NCUA’s Cybersecurity Resource Center is offered as a resource for research and informational purposes to help credit unions improve their cyber resilience
The NCUA has made a good-faith effort to collect and post resources from the agency and those throughout the federal government and private sector. The content in this resource center may not reflect all of the requirements or guidance in the area of cyber and information security and should not be construed as requirements except as noted. The NCUA does not endorse any vendor, service, or product. When you access links on these webpages, you may leave the NCUA’s public website.