Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Commercial Lawe-Commerce Law & StrategyFeaturesKickerLJN NewslettersNewsRegulationSectionsTechnology Media and TelecomTopics

<b><i>Online Extra:</b></i> FDIC Chimes In on Cybersecurity

By Marlisse Silver Sweeney
February 29, 2016

The Federal Deposit Insurance Corporation is the latest entity to release a framework for cybersecurity. Its division of risk management supervision published the document in the most recent issue of its supervisory highlights. It outlines the risk to financial institutions and 'is helpful for understanding the FDIC's cybersecurity focus and the issues upon which it expects banks subject to its supervision to focus,”according to Timothy Tobin and Katherine Gasztonyi of Hogan Lovells. Here are some of the document's key passages:

  • Corporate governance:”A bank should evaluate and manage cyber risk as it does any other business risk,' according to the FDIC. It notes that boards play a key role in overseeing programs to protect data and highlights that it is up to them to create a corporate culture that prioritizes cybersecurity.
  • Threat intelligence:'The FDIC is encouraging financial institutions to actively gather intelligence about various security risks through public and private sources, such as the Financial Services Information Sharing and Analysis Center and the U.S. Computer Emergency Readiness Team.
  • Security awareness training:”Even the best-designed security controls cannot fully protect a financial institution from one uninformed employee, contractor, or customer,' warns the FDIC. It encourages financial institutions to train employees of all levels, from entry level to the board, on cybersecurity threats.

Marlisse Silver Sweeney'writes for'Corporate Counsel, an ALM sibling of'e-Commerce Law & Strategy. Follow her on Twitter'@MarlisseSS.

Read These Next
The DOJ's Corporate Enforcement Policy: One Year Later Image

The DOJ's Criminal Division issued three declinations since the issuance of the revised CEP a year ago. Review of these cases gives insight into DOJ's implementation of the new policy in practice.

Use of Deferred Prosecution Agreements In White Collar Investigations Image

This article discusses the practical and policy reasons for the use of DPAs and NPAs in white-collar criminal investigations, and considers the NDAA's new reporting provision and its relationship with other efforts to enhance transparency in DOJ decision-making.

The DOJ's New Parameters for Evaluating Corporate Compliance Programs Image

The parameters set forth in the DOJ's memorandum have implications not only for the government's evaluation of compliance programs in the context of criminal charging decisions, but also for how defense counsel structure their conference-room advocacy seeking declinations or lesser sanctions in both criminal and civil investigations.

Compliance Officers: Recent Regulatory Guidance and Enforcement Actions and Mitigating the Risk of Personal Liability Image

This article explores legal developments over the past year that may impact compliance officer personal liability.

Bankruptcy Sales: Finding a Diamond In the Rough Image

There is no efficient market for the sale of bankruptcy assets. Inefficient markets yield a transactional drag, potentially dampening the ability of debtors and trustees to maximize value for creditors. This article identifies ways in which investors may more easily discover bankruptcy asset sales.