The Federal Deposit Insurance Corporation (FDIC) is urging financial institutions to actively utilize available resources to identify and help mitigate potential cyber-related risks. It is important for financial institutions of all sizes to be aware of the constantly emerging cyber threats and government-sponsored resources available to help identify these threats on a real-time basis.
"Cyber threats have been widely covered in the national media, and we believe that financial institutions and their technology service providers have been managing system updates to mitigate potential vulnerabilities in an effective manner. As discussed in yesterday's meeting of the FDIC Advisory Committee on Community Banking, financial institutions may benefit from greater awareness of the resources available to identify cyber-related risks as quickly as possible," said Doreen Eberley, Director of the FDIC Division of Risk Management Supervision.
Financial institutions should ensure that their Information Security staff are aware of and subscribe to reliable and recognized resources that can help quickly identify cyber risks as they emerge. Government and government-sponsored resources that financial institutions should consider include the following organizations.
The Department of Homeland Security's US-CERT facilitates the coordination of cyber information sharing and provides cyber vulnerability and threat information through its national Cyber Awareness System (NCAS). Financial institutions may learn more about US-CERT and subscribe to receive security alerts, tips and other updates through its website.
U.S. Secret Service Electronic Crimes Task Force (ECTF)
The Electronic Crimes Task Force teams local, state and federal law enforcement personnel with prosecutors, private industry, and academia to maximize what each has to offer in an effort to combat cyber criminal activity. For more information on the Electronic Crimes Task Forces please visit them online.
InfraGard is an information sharing forum between the FBI and the private sector. InfraGard operates more than 60 chapters that conduct local meetings pertinent to their area. Information about InfraGard may be obtained online.
The financial services sector has several regional coalitions established to enhance partnerships between private sector companies and state, local or regional governments. To find a regional coalition near you, please visit them online.
Information Sharing and Analysis Centers (ISACs)
Information Sharing and Analysis Centers provide risk mitigation information, incident response, alerts and facilitate information sharing among members. To find out more about the ISAC model, visit the National Council of ISACs here.