Content area
Full text
Pilot program aims to assess technology-risk readiness
COMMUNITY BANKS AND credit unions with inadequate programs to fight cyber risk may soon be hearing about it from their examiners.
New cybersecurity regulatory assessments - now being piloted at more than 500 community-sized institutions as part of regular safety and soundness exams - are meant largely to help authorities gauge cyber-risk readiness at smaller banks that lack the resources available to their larger counterparts.
But the assessments appear to be more than academic. Officials say issues arising during a review may be identified in an institution's formal exam.
"If we find issues, absolutely we are telling examiners that, based on the existing guidance, they need to inform management of the institution about where their program may be lacking," says Valerie...