Enterprise Wide Cyber Risk Management

Posted by: Christine Thomas


Our financial industry has been plagued with financial crimes like phishing, fraud, critical data leakage, security lapses and anti-money laundering experiences. Cyber security has become an extremely important challenge for banks. A failure in cyber security not only impacts operations, reputations and core processes, but also damages the public’s confidence in financial services. The U.S. financial system is interconnected, so a cyber failure or incident at any one interconnected entity “may not only impact the safety and soundness of the entity, but also other financial entities with potentially systemic consequences,” the ANPR says.

According to recent reports, banks may face enhanced cyber risk management rules. An advance notice of proposed rule-making (ANPR) has been issued by the three federal regulatory banking agencies, and it addresses five categories:

  • Cyber-risk governance
  • Cyber-risk management
  • Internal dependency management
  • External dependency management
  • Incident response, cyber-resilience, and situational awareness

These enhanced rules would require firms to establish an enterprise-wide cyber-risk management framework that includes policies and reporting structures to support and implement the mitigation strategy. They would also require firms to integrate cyber-risk management into the responsibilities of at least three independent functions with appropriate checks and balances to ensure more effective and accurate identification, monitoring, measurement, reporting and management of cyber-risks.

The increasing volume and sophistication of cyber-attacks have made cyber security a very important regulatory risk for banks. The adoption of effective cyber security standards has become an essential part of any bank’s risk management practices. Banks with an inadequate cyber security risk management program may be subject to significant risks, especially legal and reputational risks.

How can we help?

360factors, Inc. helps companies improve business performance by reducing risk and ensuring compliance. Predict360, its flagship information security risk management software product, provides a cloud-based comprehensive platform that correlates information security from multiple data sources with current information security regulations, standards and policies to gauge risk and provide actionable insight. It prepares you for the occurrence of cyber-attacks and addresses threats and cyber risks.

We also offer consulting services in the areas of air, water, and waste permitting and compliance, site investigation and remediation, environmental and dredge material sampling and evaluation, engineering and geology, expert testimony, health and safety, and operational risk management. Its Managed Services incorporate outsourced risk and compliance services using Predict360.

Source: ComplianceWeek.com

 
