FDIC Warns of Heightened Cyber Security Risks
The FDIC responded to increasing geopolitical risks (i.e. Iran post-Soleimani), with a statement "to remind supervised financial institutions of sound cybersecurity risk management principles."
Financial institutions have recently faced fines and sanctions for avoidable cyber attacks.
[Criminals] often obtain access to financial institution systems and networks by compromising user credentials and introducing malware through social engineering employees and contractors with phishing attacks.
In its statement, the FDIC reminds financial institutions of sound cyber risk management practices, including:
- Response, Resilience, and Recovery Capabilities
- Identity and Access Management
- Network Configuration and System Hardening
- Employee Training
- Security Tools and Monitoring
- Data Protection
Regarding Employee Training, the FDIC says the program must be:
- Ongoing - employee training on recognizing cyber threats, phishing, and suspicious links must be continuous
- Effective - firms must measure the effectiveness of their training programs
As risks and regulations increase, financial institutions are turning to INFIMA's fully automated Cyber Security Training to keep their teams safe.
Want to learn more? Start here!
For more information on each of these points, see the FDIC's formal statement here.
INFIMA Security Newsletter
Join the newsletter to receive the latest updates in your inbox.
Criminal Courts Hacked, Docs Leaked
With Courts sending and receiving tons of email with attachments, they are a ripe target for a crafty Phish.
What Do Canon, Jack Daniels and Carnival Cruises Have In Common?
You may patronize each of these companies on vacation, and now hackers are taking a lot of that money for themselves.
