United States

11 cybersecurity issues financial institutions should consider now

Regulatory guidance provides a useful cybersecurity checklist


Download white paper

Guidance issued by the New York State Department of Financial Services on Dec. 12, 2014, not only offers insight into how regulators in many states are likely to approach cybersecurity, but also offers a solid checklist of key cybersecurity issues that your financial institution should address. Those areas of focus are:

  • Corporate governance, including organization and reporting structure for cybersecurity-related issues
  • Management of cybersecurity issues, including the interaction between information security and core business functions, written information security policies and procedures, and the periodic re-evaluation of such policies and procedures in light of changing risks
  • Resources devoted to information security and overall risk management
  • The risks posed by shared infrastructures
  • Protections against intrusion, including multifactor or adaptive authentication and server and database configurations
  • Information security testing and monitoring, including penetration testing
  • Incident detection and response processes, including monitoring
  • Training of information security professionals as well as all other personnel
  • Management of third-party service providers
  • Integration of information security into business continuity and disaster recovery policies and procedures
  • Cybersecurity insurance coverage and other third-party protections

Read 11 cybersecurity issues financial institutions should consider now to learn how to better secure your institution’s systems and data.