Cybersecurity Awareness Month occurs in October. The US Cybersecurity and Infrastructure Agency (CISA) created it to increase general awareness of emerging online threats and how best to avoid them.
There are likely a high number of systems in place at your institution. Running a successful financial institution relies heavily on tools and technologies that will improve the efficiencies of you and your team.
In a video released to FINOSEC Academy, Co-Founder and CEO, Zach Duke, poses some questions around the processes you currently have in place at your institution. Regardless of which department you think of first, it is likely that some outdated processes are still in place, and your information security and cyber security teams are no exception.
Understanding examiner expectations and knowing how to train your team and board on information security is important. You and your team need to know where the risks are and where regulators are focused based on those risks.
It’s vital for you to fully understand the information security management systems you have in place
But it’s a nuisance to keep track of them all. First, you need to know the status of every component, especially for the systems you outsourced. Then, you must also understand the different kinds of information the systems store, how it’s stored, how data is transmitted, and what kinds of information is transmitted.
A vital component of your information security program is an information security officer that is independent and adhering to appropriate segregation of duties as outlined by regulatory expectations.
And let’s acknowledge the tests associated with bank examiners definitely fall into the “not fun” category.
Have you addressed the Computer-Security Incident Notification Requirements for Banking Organizations? Full compliance has been extended to May 1, 2022. Five questions to ask:
In a technology driven industry, it is easy to assume that most of the decisions made around your cybersecurity posture are related to tools and software. While that may be the case a majority of the time, FINOSEC President and CEO Zach Duke also raises some questions and awareness around the impact of staffing on your cybersecurity and information security environment. In the video below, Zach poses questions around ISO independence, support infrastructure, and how to navigate staffing limitations. Watch the video and come back after the break for further discussion.