-
Proposed NCUA Requirement for Cyber Incidents
In this special vlog post, Tom Hinkel weighs on a proposed NCUA notification requirement for cyber incidents.
-
FFIEC Cancels E-Banking Handbook
On May 13, 2022, the FFIEC very quietly rescinded the FFIEC Information Technology Examination Handbook (IT Handbook) booklet entitled E-Banking. The original booklet was released in 2003 and was accompanied by a flurry of activity by financial institutions to come up with a separate E-banking policy and risk assessment. In effect, the FFIEC is now…
-
Have There Been Any Official Board Reporting Updates to the FFIEC InfoSec Handbook since 2016?
Hey Guru! Do you have any additional blogs about FDIC changing the annual IT report to the board? I saw the article from 2012 and was wondering if there are any updates to that. Has the FFIEC updated its Information Security IT Handbook after 2016 in regard to this subject?Thank you,Lynn Hi Lynn, and thanks…
-
UPDATE – New Proposed Cyber Incident Notification Rules Finalized
Last updated March 30, 2022. Currently, financial institutions are required to report a cyber event to their primary federal regulator under very specific circumstances. This requirement dates back to GLBA, Appendix B to Part 364 and states that FI incident response plans (IRP’s) should contain procedures for: “Notifying its primary Federal regulator as soon as…
-
New Proposed Cyber Incident Notification Rules
Update: Since publishing this post, these rules have been finalized. We have a new post covering those details here. We first wrote about incident notification over ten years ago, and based on feedback from our cyber testing experience, financial institutions are still struggling with the issue of whether or not to notify their customers and…
-
A Look Back at 2020 and a Look Ahead to 2021: A Regulatory Compliance Update
From SafeSystems.com/Safe-Systems-Blog Safe Systems recently published a two-part regulatory compliance blog series that looked back at 2020 and ahead to 2021. In Part 1, we explored how regulations related to the Pandemic dominated the compliance landscape early in 2020 forcing financial institutions to make adjustments to their procedures and practices on the fly. In Part…