FFIEC Releases Cybersecurity Assessment Tool For Financial Institutions To Test Cybersecurity Preparedness
The Federal Financial Institutions Examination Council (FFEIC) has announced the release of a free cybersecurity assessment tool to “help institutions identify their risks and determine their cybersecurity preparedness.”
The assessment will consist of two parts: Inherent Risk Profile and Cybersecurity Maturity. The assessment will first accesses an intuition’s risk based profile on five categories: Technologies and Connection Types; Delivery Channels; Online/Mobile Products and Technology Services; Organizational Characteristics; and External Threats. The assessment then evaluates an institution’s cybersecurity maturity in five categories: Cyber Risk Management and Oversight; Threat Intelligence and Collaboration; Cybersecurity Controls; External Dependency Management; and Cyber Incident Management and Resilience.
“The assessment is based on a 2014 pilot cybersecurity assessment of more than 500 financial institutions.”