Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

FFIEC

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

The Latest News

  • FFIEC to Prepare New Cyber-Risk Policy

    Regulators Reveal More Cybersecurity Initiatives FFIEC to Prepare New Cyber-Risk Policy

    The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details. Read more...

  • Fed, State Regulators: Reform Is Needed

    OCC, NY DFS Call for Better Standards, Info Sharing Fed, State Regulators: Reform Is Needed
    Thomas Curry and Benjamin Lawsky

    Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed. Read more...

  • Article

    Cloud Security Certification Launched

    Designed to Measure Advanced Competence By Geetha Nandikotkur
    Cloud Security Certification Launched

    (ISC)² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?

  • Article

    OCC Expands on Third-Party Cyber-Risks

    Director Offers Review of New Cyber-Resiliency Guidance By Tracy Kitten
    OCC Expands on Third-Party Cyber-Risks

    Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks.

  • Interview

    Warning: Security Alert Overload

    Expert Says Warnings and Alert Messages Are Failing Us By Mathew J. Schwartz
    Warning: Security Alert Overload

    Vendors' and software makers' over-reliance on security messages and warnings has left users habituated to them, thus rendering such alerts less effective or even worthless, warns cybersecurity expert Alan Woodward.

  • Blog

    Hot Sessions at Infosec Europe 2015

    Cybercrime, Data Breaches Among Topics at Must-See Sessions By Mathew Schwartz
    Hot Sessions at Infosec Europe 2015

    This year's Infosecurity Europe conference in London is offering a top-notch range of sessions, ranging from how to battle cybercrime and social engineering to building a better security culture and workforce. Here's my list of must-see sessions.

  • Interview

    EMV: Changing U.S. Payments

    Sophos' Chet Wisniewski on Emerging Challenges By Tracy Kitten
    EMV: Changing U.S. Payments

    The emergence of the EMV chip in the U.S. is soon going to change the payments game for issuers and merchants. Here, Sophos' Chet Wisniewski describes what bankers should be doing now to prepare.

More news...

Webinars

More webinars...

White Papers

  • The People Problem

    Organizations have a serious "people problem" when it comes to securing networks and data. They need to not only attract and train skilled IT security staff, but also address the habits of all users...

  • 5 Ways to Save Time and Money on Your Data Backups

    When it comes to IT professionals, one universal truth always seems to be present: you have way more work than you have time. Not to worry. This short e-book will highlight five key approaches that...

More whitepapers...
ARTICLE RSA Conference: Closing Thoughts

This year's event was bigger than ever, overwhelming to take in, and no single challenge, strategy...

Latest Tweets and Mentions

ARTICLE RSA Conference: Closing Thoughts

This year's event was bigger than ever, overwhelming to take in, and no single challenge, strategy...

The ISMG Network