Cybersecurity Assessment Tool provides a mechanism for organizations to assess their cyber readiness and maturity against industry baselines, effectively comparing themselves (anonymously) with their peers.
NAFCU Regulatory Affairs Counsel Kavitha Subramanian submitted a letter to the FFIEC
requesting that the assessment tool utilization remain voluntary.
Currently, a number of companies are indeed developing hybrid products--some of which were in development prior to the FFIEC
announcement and now are likely to be specifically tailored to address the concerns of both the federal agencies and clients.
In requiring the use of two-factor authentication, the new FFIEC
guidelines are taking square aim at the preponderance of phishing scams, online fraud, hacking and identify theft that prey on the trust or naivete of customers and exist on the periphery of legitimate online banking initiatives.
The FDIC mandates multifactor authentication and the FFIEC
Guidance highlights material information that matches information available from trusted third-party sources.
The handbook and other FFIEC
resources are available on our Web site, at www.
What are the regulatory expectations, expressed within the 2011 FFIEC
supplemental guidance, as they apply to authentication?
This update to the Assessment addresses changes to the FFIEC
IT Examination Handbook by providing a revised mapping in Appendix A to the updated Information Security and Management booklets.
The booklet, which includes IT examination procedures, was substantially revised, the FFIEC
said in a release.
members plan to update the assessment as threats, vulnerabilities and operational environments evolve.
To help companies in preparing for the 2012 FFIEC
Authentication Guidance Examination, the Knowledge Group has assembled a panel of key regulators and thought leaders to help them navigate through the compliance issues in terms of risk-based assessments, online risk mitigation and improved customer and employee fraud awareness.
Global Banking News-June 30, 2011--IronKey solution meets FFIEC
guidelines(C)2011 ENPublishing - http://www.