trending Market Intelligence /marketintelligence/en/news-insights/trending/_GrI00Wz8gAvof4yrZrElg2 content
Log in to other products

Login to Market Intelligence Platform

 /


Looking for more?

Contact Us
In This List

Watchdog: FDIC's compliance with own cybersecurity processes inadequate

Banking Essentials Newsletter - November Edition

Online Brokerage Space Should Remain Rich Source Of M&A

University Essentials | COVID-19 Economic Outlook in Banking: Rates and Long-Term Expectations: Q&A with the Experts

Estimating Credit Losses Under COVID-19 and the Post-Crisis Recovery


Watchdog: FDIC's compliance with own cybersecurity processes inadequate

The Office of Inspector General for the Federal Deposit Insurance Corp., in another audit of the regulator's cybersecurity processes, found that the latter took an average of nine months to notify impacted individuals of breaches.

The watchdog's assessment covered 18 of 54 suspected or confirmed breaches at the FDIC from 2015 to 2016, involving personally identifiable information and potentially impacting more than 113,000 individuals.

It found that while the FDIC had processes in place for handling incidents where information is compromised, the regulator did not adequately implement the recommended steps or document its assessments and decisions. Nor did it track metrics identified in its data breach handling guide as key to improving its prevention and response capabilities.

The FDIC also has a process for convening a data breach management team, but has not provided specialized training to team members.

Following the receipt of the watchdog's audit, the FDIC concurred with its recommendations. The regulator has hired a permanent incident response coordinator and intends to hire an information security manager lead.

The FDIC expects to complete all corrective actions by Sept. 30, 2018.