Washington, D.C. –The Financial Services Sector Coordinating Council (FSSCC) released the new Cybersecurity Profile. The Profile provides a framework that integrates widely used standards and supervisory expectations to help guide financial institutions in developing and maintaining cybersecurity risk management programs. The Profile is the result of two years’ work and collaboration among financial institutions, trade groups, and government agencies which was spearheaded by FSSCC, the American Bankers Association, Bank Policy Institute’s technology policy subdivision BITS, Futures Industry Association, Global Financial Markets Association (and its member associations of the Association for Financial Markets in Europe, the Asia Securities Industry & Financial Markets Association, and the Securities Industry and Financial Markets Association), and the Institute of International Bankers. The profile was developed in response to a survey of chief information security officers from financial institutions that indicated nearly 40% of their time was spent on compliance and reconciling competing, duplicative, redundant, and inefficient cybersecurity supervisory examinations.
January 18, 2018
January 22, 2018
On January 18, the NIST Cyber Security Framework Comment Letter Task Group responded to the National Institute of Standards and Technology’s request for public comment on its second draft of version 1.1 (“Draft 2”) of its Framework for Improving Critical Infrastructure Cybersecurity. Read the letter here
FSSCC issued a press release on the recently-released President Executive Order Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. Read more here
April 10, 2017
April 11, 2017
On April 10, FSSCC submitted a comment letter in response to the NIST Proposed Update to the Framework for Improving Critical Infrastructure Cybersecurity. Read more here.
February 17, 2017
February 17, 2017
On February 17, FSSCC submitted a comment letter in response to the jointly issued Federal Reserve System, Office of the Comptroller of the Currency, and Federal Deposit Insurance Corporation advanced notice of proposed rulemaking (ANPR), Enhanced Cyber Risk Management Standards. Read the letter here