Could you implement a cybersecurity program?

by: Henry Meier

The state’s financial regulator has signaled two areas that will be getting special scrutiny to prevent cyber breaches like the one that compromised information involving 76 million JP Morgan Chase customers. One step is to scrutinize third-party vendor relationships. The other may be mandated cyber-security programs for financial institutions.

Reuters reports that last Tuesday, DFS Superintendent Ben Lawsky sent a letter to “many banks” expressing concern about the “level of insight financial institutions have into the sufficiency of cyber-security controls of their third-party service providers.” He wants the banks to disclose any policies and procedures they have related to their third party relationships and “to outline all methods of protection used to safeguard sensitive data that is sent to, received from, or accessible to vendors.”
You should not be all that concerned about this potential mandate if you have paid attention to NCUA’s Due Diligence Guidance. To NCUA’s credit, vendor management has been one of its key concerns for years now.

In addition to reviewing NCUA’s guidance, for my money, vendor management comes down to contract management. Your contract should…