Six Key Cybersecurity Controls that are Critical to Banks
Six Key Cybersecurity Controls that are Critical to Banks
Cybersecurity risk heightened with bank wiring
The OCC and FDIC recently issued an interagency statement on heightened cybersecurity risks, prompted in part by a warning from the Department of Homeland Security of potential cyberattacks against U.S. targets because of increased geopolitical tension. The statement reminds banks not only to implement and maintain effective preventive controls, but also to prepare for a worst-case scenario by maintaining sufficient business continuity planning processes for the rapid recovery, resumption and maintenance of the institution’s operations.
The statement describes six key cybersecurity controls that are critical to protecting banks from malicious activity:
-
Response, resilience and recovery capabilities,
-
Identity and access management,
-
Network configuration and system hardening (that is, modifying settings and eliminating unnecessary programs to minimize security risks),
-
Employee training,
-
Security tools and monitoring, and
-
Data protection.