Cybersecurity has been a focus as part of bank exams for years. Now the Federal Deposit Insurance Corp. (FDIC) is increasing its scrutiny of banks’ cybersecurity practices to ensure that the issue is getting appropriate attention from bank executives and boards. Bank regulators are planning to make cybersecurity a higher priority during bank exams as early as the second quarter of next year. The FDIC will revise its community bank examination program to break cybersecurity out as its own separate issue in examination comments.
Regulators want to ensure that there is an understanding of “cyber risk as it overlays into business decisions that you make at the board level,” an FDIC risk management official recently commented. Though outdated data security systems have typically been viewed as a “budget capital improvement” matter, the threat environment has changed. Now, the FDIC’s approach has changed along with it. Continue Reading