CB
Uploaded byColleen Beck-Domanico
1,373 views

Cyber Security Tips and Resources for Financial Institutions

The document discusses the management of cyber security risks in financial institutions, emphasizing the importance of governance, vendor management, and incident response. It highlights the increasing sophistication of cyber attacks and the responsibility of banks to oversee vendor-related risks. Additionally, it provides resources and frameworks for improving cyber security measures and emphasizes ongoing education in risk management.

Embed presentation

Downloaded 57 times
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 1 JOIN. ENGAGE. LEAD. CYBER SECURITY TIPS AND RESOURCES FOR FINANCIAL INSTITUTIONS Managing Risk
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 2 JOIN. ENGAGE. LEAD. CYBER SECURITY RISK • Both preparing for and responding to cyber attacks increase the cost of doing business. • Attacks are increasingly more sophisticated.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 3 JOIN. ENGAGE. LEAD. CYBER SECURITY RISK (CONT.) Risks come directly through banking operations and through third-party providers. Impacts individual bank and entire payments system. Attacks come from criminals, politically hostile sources, and insiders. Data risks are difficult to control (legacy systems and manual points in any process compound the difficulty of threats). Cyber Threats Smaller institutions at most risk.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 4 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISKS Governance Vendor management Threat intelligence Incident response
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 5 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: GOVERNANCE
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 6 JOIN. ENGAGE. LEAD. GOVERNANCE Policies, Procedures, & Controls Assess risks Identify gaps Update Test
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 7 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: VENDOR MANAGEMENT
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 8 JOIN. ENGAGE. LEAD. COMPLIANCE RESPONSIBILITY Even if your vendor is responsible for day-to-day management of certain products or services, the responsibility for all compliance requirements resides with your institution.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 9 JOIN. ENGAGE. LEAD. MONITOR YOUR VENDORS Monitor your vendors’ performances to help ensure that your company meets its long-term strategic goals.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 10 JOIN. ENGAGE. LEAD. MULTIPLE FACETS Be aware that vendor risk management is part of many operational risk activities, including: Scenario analysis. Risk control self-assessments (RCSAs). Key risk indicators (KRIs). Information security. Business continuity planning.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 11 JOIN. ENGAGE. LEAD. Regulators have consistently advised banks to oversee vendors just as they would any division of the bank and will hold the bank accountable for any vendor- related risk management lapses. ACCOUNTABILITY
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 12 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: THREAT INTELLIGENCE
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 13 JOIN. ENGAGE. LEAD. SOURCES OF INTELLIGENCE Audit reports. Fraud detection analysis tools. BSA/AML monitoring tools. Cyber security services. U.S. Treasury, Office of Foreign Assets Control. Financial Services Information and Sharing Analysis Center (FS-ISAC). InfraGard (a partnership between the FBI and the private sector). United States Secret Service: Electronic Crimes Task Forces.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 14 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: INCIDENT RESPONSE
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 15 JOIN. ENGAGE. LEAD. INCIDENT RESPONSE: PLAN, PREPARE, AND TEST Plan & Prepare • Response policy and plan prior to incident. • Quick response guides for likely incidents. • Response team leader: – Designate executive as plan and response point person and ensure redundancy. • Response team: – Escalates internally – Notifies externally. Test • Train. • Run simulations routinely. • Include key stakeholders. • Fine-tune response capabilities.
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 16 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: IT RESOURCES
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 17 JOIN. ENGAGE. LEAD. IT RESOURCES  FFIEC IT Examination HandBook InfoBase  Introduction to the FFIEC’s Cybersecurity Assessment  Framework for Improving Critical Infrastructure
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 18 JOIN. ENGAGE. LEAD. Learn more about cyber security through RMA’s premier publication, The RMA Journal: http://ebiz.rmahq.org/eBusPPRO/CustomerProfile/ RMAJournalArticleSearch/tabid/393/Default.aspx Subscribe to The RMA Journal today! LEARN MORE
Enterprise Risk · Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 19 JOIN. ENGAGE. LEAD. SHARE THIS PRESENTATION Visit http://www.rmahq.org for information on risk management. Visit our blog at http://rmablog.rmahq.org/ RMA is a member-driven professional association whose sole purpose is to advance sound risk principles in the financial services industry. RMA helps its members use sound risk principles to improve institutional performance and financial stability, and enhance the risk competency of individuals through information, education, peer sharing, and networking. Become a member today.

More Related Content

PPTX
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
PPTX
The Board and Cyber Security
byFireEye, Inc.
 
PDF
Cybersecurity Roadmap Development for Executives
byKrist Davood - Principal - CIO
 
PDF
Building Security Operation Center
byS.E. CTS CERT-GOV-MD
 
PPTX
Cyber Security Threats in the Financial Sector
byFarook Al-Jibouri
 
PPTX
Banks and cybersecurity v2
bySemir Ibrahimovic
 
PPTX
Roadmap to security operations excellence
byErik Taavila
 
PDF
Cybersecurity Risk Management for Financial Institutions
bySarah Cirelli
 
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
The Board and Cyber Security
byFireEye, Inc.
 
Cybersecurity Roadmap Development for Executives
byKrist Davood - Principal - CIO
 
Building Security Operation Center
byS.E. CTS CERT-GOV-MD
 
Cyber Security Threats in the Financial Sector
byFarook Al-Jibouri
 
Banks and cybersecurity v2
bySemir Ibrahimovic
 
Roadmap to security operations excellence
byErik Taavila
 
Cybersecurity Risk Management for Financial Institutions
bySarah Cirelli
 

What's hot

PDF
Security operations center-SOC Presentation-مرکز عملیات امنیت
byReZa AdineH
 
PPTX
Cloud Security
byAWS User Group Bengaluru
 
PDF
Governance of security operation centers
byBrencil Kaimba
 
PDF
Building a Next-Generation Security Operations Center (SOC)
bySqrrl
 
PDF
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
byIBM Security
 
PDF
Cybersecurity roadmap : Global healthcare security architecture
byPriyanka Aash
 
ODP
Cyber security awareness
byJason Murray
 
PDF
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
byShawn Tuma
 
PDF
Security operations center 5 security controls
byAlienVault
 
PPTX
SOC and SIEM.pptx
bySandeshUprety4
 
PDF
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
PPTX
Cyber Security roadmap.pptx
bySandeepK707540
 
PDF
How to Reduce the Attack Surface Created by Your Cyber-Tools
byEnterprise Management Associates
 
PDF
Rothke secure360 building a security operations center (soc)
byBen Rothke
 
PDF
NIST cybersecurity framework
byShriya Rai
 
PDF
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
byMITRE - ATT&CKcon
 
PPTX
Introduction to Cybersecurity
byAdri Jovin
 
PPTX
Pranavi verma-cyber-security-ppt
byPranaviVerma
 
PDF
Cyber Threat Intelligence
bymohamed nasri
 
PPTX
Cyber Kill Chain.pptx
byVivek Chauhan
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
byReZa AdineH
 
Cloud Security
byAWS User Group Bengaluru
 
Governance of security operation centers
byBrencil Kaimba
 
Building a Next-Generation Security Operations Center (SOC)
bySqrrl
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
byIBM Security
 
Cybersecurity roadmap : Global healthcare security architecture
byPriyanka Aash
 
Cyber security awareness
byJason Murray
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
byShawn Tuma
 
Security operations center 5 security controls
byAlienVault
 
SOC and SIEM.pptx
bySandeshUprety4
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
Cyber Security roadmap.pptx
bySandeepK707540
 
How to Reduce the Attack Surface Created by Your Cyber-Tools
byEnterprise Management Associates
 
Rothke secure360 building a security operations center (soc)
byBen Rothke
 
NIST cybersecurity framework
byShriya Rai
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
byMITRE - ATT&CKcon
 
Introduction to Cybersecurity
byAdri Jovin
 
Pranavi verma-cyber-security-ppt
byPranaviVerma
 
Cyber Threat Intelligence
bymohamed nasri
 
Cyber Kill Chain.pptx
byVivek Chauhan
 

Similar to Cyber Security Tips and Resources for Financial Institutions

PDF
What to Do Before a Cyber Incident Occurs
byColleen Beck-Domanico
 
PPTX
10 Key Principles of Operational Risk Management
byColleen Beck-Domanico
 
PPTX
The Top Risks Challenging the Financial Services Industry
byColleen Beck-Domanico
 
PPTX
8 Risk Management Tips You Need to Know Now
byColleen Beck-Domanico
 
PPTX
How to Keep Your Balance as a Risk Manager
byColleen Beck-Domanico
 
PPTX
What Skills Will Risk Managers Need in 2028
byColleen Beck-Domanico
 
PPTX
GMFI Conference (3)
byDaniel Paula
 
PPTX
Building out a Robust and Efficient Risk Management - Alan Cheung
byLászló Árvai
 
PPT
NY Infragard Presentation Dec 2008
byCiaran Henry
 
PPTX
The Top 7 Risks Challenging the Financial Services Industry in the COVID-19 E...
byColleen Beck-Domanico
 
PPTX
The Rise and Risks of Lending to Non-Depository Financial Institutions
byColleen Beck-Domanico
 
PDF
Operational Risk Governance: 5 Core Regulatory Expectations
byColleen Beck-Domanico
 
PDF
Risk & Advisory Services: Quarterly Risk Advisor May 2016
byCBIZ, Inc.
 
PPTX
Information Security and Risk Management.pptx
byprembasnet12
 
PPTX
Managing Operational Risk in Banks Bangladesh.pptx
byMatiurRahman60
 
PPTX
Small Business Lending Outlook
byColleen Beck-Domanico
 
PDF
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
byCBIZ, Inc.
 
PPT
ERM Presentation
byH Contrex
 
PPTX
Cyber Security # Lec 3
byKabul Education University
 
PPTX
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
byjamiejohngianna
 
What to Do Before a Cyber Incident Occurs
byColleen Beck-Domanico
 
10 Key Principles of Operational Risk Management
byColleen Beck-Domanico
 
The Top Risks Challenging the Financial Services Industry
byColleen Beck-Domanico
 
8 Risk Management Tips You Need to Know Now
byColleen Beck-Domanico
 
How to Keep Your Balance as a Risk Manager
byColleen Beck-Domanico
 
What Skills Will Risk Managers Need in 2028
byColleen Beck-Domanico
 
GMFI Conference (3)
byDaniel Paula
 
Building out a Robust and Efficient Risk Management - Alan Cheung
byLászló Árvai
 
NY Infragard Presentation Dec 2008
byCiaran Henry
 
The Top 7 Risks Challenging the Financial Services Industry in the COVID-19 E...
byColleen Beck-Domanico
 
The Rise and Risks of Lending to Non-Depository Financial Institutions
byColleen Beck-Domanico
 
Operational Risk Governance: 5 Core Regulatory Expectations
byColleen Beck-Domanico
 
Risk & Advisory Services: Quarterly Risk Advisor May 2016
byCBIZ, Inc.
 
Information Security and Risk Management.pptx
byprembasnet12
 
Managing Operational Risk in Banks Bangladesh.pptx
byMatiurRahman60
 
Small Business Lending Outlook
byColleen Beck-Domanico
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
byCBIZ, Inc.
 
ERM Presentation
byH Contrex
 
Cyber Security # Lec 3
byKabul Education University
 
01-Build-an-IT-Risk-Management-Program--Phases-1-3.pptx
byjamiejohngianna
 

More from Colleen Beck-Domanico

PPTX
The RMA COVID-19 Resource Center
byColleen Beck-Domanico
 
PPTX
How Modernized Training Is Influencing the Banking Industry
byColleen Beck-Domanico
 
PPTX
Recruiting, Developing, and Retaining Risk Talent
byColleen Beck-Domanico
 
PDF
How will climate change affect financial services?
byColleen Beck-Domanico
 
PPTX
Credit Risk Certification (CRC): 5 Reasons to Up Your Game
byColleen Beck-Domanico
 
PPTX
5 Risks in Commercial Lending
byColleen Beck-Domanico
 
PPTX
Implementing the CECL Standard: 5 Actions to Take Now
byColleen Beck-Domanico
 
PPTX
What is Blockchain and How Can It Change the Game for Financial Institutions?
byColleen Beck-Domanico
 
PPTX
Implementing the New BSA Customer Due Diligence Rule
byColleen Beck-Domanico
 
PPTX
Meeting the Challenge of HMDA Compliance
byColleen Beck-Domanico
 
PPTX
How to Measure and Mitigate Conduct Risk
byColleen Beck-Domanico
 
PPTX
3 Things You Should Know about Appraisals
byColleen Beck-Domanico
 
PPTX
Winning Tactics for Data Governance
byColleen Beck-Domanico
 
PPTX
Being a Banker Today: The Changing Role of the Underwriter
byColleen Beck-Domanico
 
PPTX
5 Commercial Real Estate (CRE) Challenges in 2017
byColleen Beck-Domanico
 
PPTX
A Quick Guide to Credit Considerations in Hospitality Lending
byColleen Beck-Domanico
 
PPTX
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
byColleen Beck-Domanico
 
PPTX
A Quick Guide to Credit Considerations in Real Estate Lending
byColleen Beck-Domanico
 
PPTX
How to Lower the Risk Profile of Your Auto Loan Portfolio
byColleen Beck-Domanico
 
PPTX
8 Things You Need to Know about HELOCs
byColleen Beck-Domanico
 
The RMA COVID-19 Resource Center
byColleen Beck-Domanico
 
How Modernized Training Is Influencing the Banking Industry
byColleen Beck-Domanico
 
Recruiting, Developing, and Retaining Risk Talent
byColleen Beck-Domanico
 
How will climate change affect financial services?
byColleen Beck-Domanico
 
Credit Risk Certification (CRC): 5 Reasons to Up Your Game
byColleen Beck-Domanico
 
5 Risks in Commercial Lending
byColleen Beck-Domanico
 
Implementing the CECL Standard: 5 Actions to Take Now
byColleen Beck-Domanico
 
What is Blockchain and How Can It Change the Game for Financial Institutions?
byColleen Beck-Domanico
 
Implementing the New BSA Customer Due Diligence Rule
byColleen Beck-Domanico
 
Meeting the Challenge of HMDA Compliance
byColleen Beck-Domanico
 
How to Measure and Mitigate Conduct Risk
byColleen Beck-Domanico
 
3 Things You Should Know about Appraisals
byColleen Beck-Domanico
 
Winning Tactics for Data Governance
byColleen Beck-Domanico
 
Being a Banker Today: The Changing Role of the Underwriter
byColleen Beck-Domanico
 
5 Commercial Real Estate (CRE) Challenges in 2017
byColleen Beck-Domanico
 
A Quick Guide to Credit Considerations in Hospitality Lending
byColleen Beck-Domanico
 
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
byColleen Beck-Domanico
 
A Quick Guide to Credit Considerations in Real Estate Lending
byColleen Beck-Domanico
 
How to Lower the Risk Profile of Your Auto Loan Portfolio
byColleen Beck-Domanico
 
8 Things You Need to Know about HELOCs
byColleen Beck-Domanico
 

Recently uploaded

PDF
"Mastering Excel: 20 Essential Tips to Boost Your Efficiency" CA SUVIDHA CHAPLOT
byCA Suvidha Chaplot
 
PPT
Transforming UK consumer price inflation statistics
byOffice for National Statistics
 
DOCX
Why Verified Bybit Accounts Are a Smart Investment Choice.docx
bymarketing
 
PDF
Where to Buy Verified Wise Accounts Safely in 2026.pdf
bymarketing
 
PDF
India_Budget_2026-2027_Key_Highlights_&_Economic_Vision.pdf
byNandaKishore794440
 
PDF
FESE Capital Markets Fact Sheet 2025 Q4.pdf
bysecretariat4
 
PDF
Step-by-Step Guide to Securely Buy Verified Payeer Accounts in 2026
bymittchelclark
 
PDF
Tips and Tricks for Successfully Purchasing Gmail Accounts in 2026
bymarkkinde3
 
PDF
Valkea Corporate Presentation February 2026
byAdnet Communications
 
PDF
Where to Safely Buy a Verified Cash App Account Online in 2026
byjaxsonzoi897
 
PDF
Bajaj Finserv Small Cap Fund - NFO presentation.pdf
byarpitadeb21
 
PDF
Maritime Routes and Trade in Ancient India India–Sri Lanka Exchanges in the I...
byAman Kumar Singh
 
PDF
How to Secure Verified Neteller Accounts in 2026
byjaxsonzoi897
 
PPTX
Easy Christmas Quiz cccccccccccccccccccc
by2d552hj52g
 
PDF
2026-01-26 Valkea Presentation_FINAL DRAFT.pdf
byAdnet Communications
 
PDF
How to Securely Purchase Verified PayPal Accounts in 2026
byjaxsonzoi897
 
DOCX
Best Practices for Buying Aged Twitter Accounts_ Top 18 Sites.docx
byBusiness
 
PDF
Best Online Sources for Buying Verified PayPal Business Accounts
byjackjon138649
 
PDF
India Economic Survey 2025-26 Economic Survey.pdf
byssuser9d8e4e
 
PDF
Where to Find Reliable Cash App Business Accounts Online in 2026
byusaseoshops
 
"Mastering Excel: 20 Essential Tips to Boost Your Efficiency" CA SUVIDHA CHAPLOT
byCA Suvidha Chaplot
 
Transforming UK consumer price inflation statistics
byOffice for National Statistics
 
Why Verified Bybit Accounts Are a Smart Investment Choice.docx
bymarketing
 
Where to Buy Verified Wise Accounts Safely in 2026.pdf
bymarketing
 
India_Budget_2026-2027_Key_Highlights_&_Economic_Vision.pdf
byNandaKishore794440
 
FESE Capital Markets Fact Sheet 2025 Q4.pdf
bysecretariat4
 
Step-by-Step Guide to Securely Buy Verified Payeer Accounts in 2026
bymittchelclark
 
Tips and Tricks for Successfully Purchasing Gmail Accounts in 2026
bymarkkinde3
 
Valkea Corporate Presentation February 2026
byAdnet Communications
 
Where to Safely Buy a Verified Cash App Account Online in 2026
byjaxsonzoi897
 
Bajaj Finserv Small Cap Fund - NFO presentation.pdf
byarpitadeb21
 
Maritime Routes and Trade in Ancient India India–Sri Lanka Exchanges in the I...
byAman Kumar Singh
 
How to Secure Verified Neteller Accounts in 2026
byjaxsonzoi897
 
Easy Christmas Quiz cccccccccccccccccccc
by2d552hj52g
 
2026-01-26 Valkea Presentation_FINAL DRAFT.pdf
byAdnet Communications
 
How to Securely Purchase Verified PayPal Accounts in 2026
byjaxsonzoi897
 
Best Practices for Buying Aged Twitter Accounts_ Top 18 Sites.docx
byBusiness
 
Best Online Sources for Buying Verified PayPal Business Accounts
byjackjon138649
 
India Economic Survey 2025-26 Economic Survey.pdf
byssuser9d8e4e
 
Where to Find Reliable Cash App Business Accounts Online in 2026
byusaseoshops
 

Cyber Security Tips and Resources for Financial Institutions

  • 1.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 1 JOIN. ENGAGE. LEAD. CYBER SECURITY TIPS AND RESOURCES FOR FINANCIAL INSTITUTIONS Managing Risk
  • 2.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 2 JOIN. ENGAGE. LEAD. CYBER SECURITY RISK • Both preparing for and responding to cyber attacks increase the cost of doing business. • Attacks are increasingly more sophisticated.
  • 3.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 3 JOIN. ENGAGE. LEAD. CYBER SECURITY RISK (CONT.) Risks come directly through banking operations and through third-party providers. Impacts individual bank and entire payments system. Attacks come from criminals, politically hostile sources, and insiders. Data risks are difficult to control (legacy systems and manual points in any process compound the difficulty of threats). Cyber Threats Smaller institutions at most risk.
  • 4.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 4 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISKS Governance Vendor management Threat intelligence Incident response
  • 5.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 5 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: GOVERNANCE
  • 6.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 6 JOIN. ENGAGE. LEAD. GOVERNANCE Policies, Procedures, & Controls Assess risks Identify gaps Update Test
  • 7.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 7 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: VENDOR MANAGEMENT
  • 8.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 8 JOIN. ENGAGE. LEAD. COMPLIANCE RESPONSIBILITY Even if your vendor is responsible for day-to-day management of certain products or services, the responsibility for all compliance requirements resides with your institution.
  • 9.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 9 JOIN. ENGAGE. LEAD. MONITOR YOUR VENDORS Monitor your vendors’ performances to help ensure that your company meets its long-term strategic goals.
  • 10.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 10 JOIN. ENGAGE. LEAD. MULTIPLE FACETS Be aware that vendor risk management is part of many operational risk activities, including: Scenario analysis. Risk control self-assessments (RCSAs). Key risk indicators (KRIs). Information security. Business continuity planning.
  • 11.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 11 JOIN. ENGAGE. LEAD. Regulators have consistently advised banks to oversee vendors just as they would any division of the bank and will hold the bank accountable for any vendor- related risk management lapses. ACCOUNTABILITY
  • 12.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 12 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: THREAT INTELLIGENCE
  • 13.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 13 JOIN. ENGAGE. LEAD. SOURCES OF INTELLIGENCE Audit reports. Fraud detection analysis tools. BSA/AML monitoring tools. Cyber security services. U.S. Treasury, Office of Foreign Assets Control. Financial Services Information and Sharing Analysis Center (FS-ISAC). InfraGard (a partnership between the FBI and the private sector). United States Secret Service: Electronic Crimes Task Forces.
  • 14.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 14 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: INCIDENT RESPONSE
  • 15.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 15 JOIN. ENGAGE. LEAD. INCIDENT RESPONSE: PLAN, PREPARE, AND TEST Plan & Prepare • Response policy and plan prior to incident. • Quick response guides for likely incidents. • Response team leader: – Designate executive as plan and response point person and ensure redundancy. • Response team: – Escalates internally – Notifies externally. Test • Train. • Run simulations routinely. • Include key stakeholders. • Fine-tune response capabilities.
  • 16.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 16 JOIN. ENGAGE. LEAD. MANAGING CYBER SECURITY RISK: IT RESOURCES
  • 17.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 17 JOIN. ENGAGE. LEAD. IT RESOURCES  FFIEC IT Examination HandBook InfoBase  Introduction to the FFIEC’s Cybersecurity Assessment  Framework for Improving Critical Infrastructure
  • 18.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 18 JOIN. ENGAGE. LEAD. Learn more about cyber security through RMA’s premier publication, The RMA Journal: http://ebiz.rmahq.org/eBusPPRO/CustomerProfile/ RMAJournalArticleSearch/tabid/393/Default.aspx Subscribe to The RMA Journal today! LEARN MORE
  • 19.
    Enterprise Risk ·Credit Risk · Market Risk · Operational Risk · Regulatory Compliance · Securities Lending 19 JOIN. ENGAGE. LEAD. SHARE THIS PRESENTATION Visit http://www.rmahq.org for information on risk management. Visit our blog at http://rmablog.rmahq.org/ RMA is a member-driven professional association whose sole purpose is to advance sound risk principles in the financial services industry. RMA helps its members use sound risk principles to improve institutional performance and financial stability, and enhance the risk competency of individuals through information, education, peer sharing, and networking. Become a member today.