All regulatory statements about cybersecurity have singled out the need for an incident response plan, and the FFIEC refers specifically to incident response testing.
While vendor oversight does provide some measure of assurance in outsourced relationships, banks have very little actual control over specific vendor-based preventive controls. Additionally, regulators make no distinction between a financial institution’s responsibilities for data security within direct control, and data outside direct control of the institution.
Safe Systems a national provider of compliance-centric IT solutions to financial institutions. The company manages hundreds of financial institutions representing more than USD 61 billion in combined assets, 1,100 locations and over 25,000 network devices.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.