FINOSEC President and CEO Zach Duke has spent a few minutes breaking down the Ransomware Self Assessment Tool. This tool was created by the Conference of State Bank Supervisors, and was crafted to help mitigate the risks associated with Ransomware. Furthermore, it serves as an effective communication piece that demonstrates to upper level management how the institution is actively being protected against this particular risk. Watch the short video below for what this tool includes and how it could serve you.
It is no surprise that the topic of ransomware has dominated the news as well as the minds of financial institutions everywhere. This conversation will continue to take place, and your regular exams and audits will be no exception. Here are some of the key questions this Ransomware self-assessment will ask so you can be ready when those conversations happen.
- What controls do you have in place?
- Do you have a Gap Analysis (that is, have you addressed elements that you do not currently have, but would like to?)
- Following number 2, what is the budgeting process to address gaps in your institution?
- Are you following the principle of least privilege and confirming that admin access is limited only to those who need it?
- Is MFA instituted at your institution?
- Finally, do you have cybersecurity insurance that will cover you in the event of a ransomware attack?
This is a subject that will only continue to grow and evolve, and more information is sure to come. To watch FINOSEC co-founder and CTO Scott McIlrath’s discussion on the new FINOSEC tool to address this self assessment, and to make sure you stay up to date on the latest news in cybersecurity and information security, be sure to sign up for the FINOSEC Academy by visiting https://www.finosec.academy.
Feel free to reach out to the FINOSEC team if you have any questions about the RSAT or any other cybersecurity governance issue.