Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Financial Institution Letter

Heightened Cybersecurity Risk Considerations

Summary:

In response to the heightened cybersecurity risk facing the financial services industry and other critical business sectors, the FDIC and the Office of the Comptroller of the Currency issued an interagency statement on heightened cybersecurity risk. The statement focuses on risk management principles that can reduce the risk of a cyber-attack and minimize business disruptions.

Statement of Applicability to Institutions under $1 Billion in Total Assets: This Financial Institution Letter applies to all FDIC-supervised institutions, including community institutions.

Highlights:

  • The Department of Homeland Security has indicated there is heightened risk of cyber-attack against U.S. targets because of increased geopolitical tension.
  • The current environment provides an opportunity for banks to re-evaluate the adequacy of safeguards to protect against various types of cybersecurity risk.
  • The attached Heightened Cybersecurity Risk document highlights principles previously articulated by the FDIC and other banking regulators including: business resilience, authentication, system configuration, security tool, data protection, and employee training.
  • When banks apply cybersecurity risk management principles and risk mitigation techniques, they reduce the risk of a cyber attack's success and minimize the negative impacts of a disruptive and destructive cyber attack.

Suggested Distribution:

FDIC-Supervised Institutions

Suggested Routing:

Chief Executive Officer 
Chief Information Officer 
Chief Information Security Officer

FIL-3-2020
Attachment(s)

Last Updated: January 16, 2020