OCC Bulletin 2022-22 | October 6, 2022
Cybersecurity: 2022 Cybersecurity Resource Guide for Financial Institutions
To
Chief Executive Officers of All National Banks, Federal Savings Associations, and Federal Branches and Agencies; Department and Division Heads; All Examining Personnel; and Other Interested Parties
Summary
The Federal Financial Institutions Examination Council (FFIEC),1 on behalf of its members, issued an update to the FFIEC Cybersecurity Resource Guide for Financial Institutions on October 3, 2022. The 2022 guide lists voluntary programs and actionable initiatives that are designed for or are available to help financial institutions meet their security control objectives and prepare to respond to cyber incidents.
Rescission
The 2022 FFIEC Cybersecurity Resource Guide for Financial Institutions rescinds and replaces the similarly named 2018 guide.
Note for Community Banks
This bulletin applies to community banks.2
Highlights
The revisions include
- updated resource links for the Assessment, Exercise, Information Sharing, and Response and Reporting categories.
- new ransomware specific resources.
Further Information
Please contact Patrick Kelly, Director of Critical Infrastructure Policy, at (202) 649-6550.
Grovetta N. Gardineer
Senior Deputy Comptroller for Bank Supervision Policy
Related Link
1 The FFIEC comprises the principals of the Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, and State Liaison Committee.
2 “Banks” refers collectively to national banks, federal savings associations, covered savings associations, and federal branches and agencies of foreign banking organizations.