Case Study: Cyber Security & Risk Assessment


In 2014 the FFIEC published its CyberSecurity Risk Assessment Tool, which was designed to assist financial institutions in assessing their maturity levels with regard to CyberSecurity threats. Although this was published as a voluntary tool, auditors and examiners have been including questions in their procedures regarding whether banks have completed the assessment tool.


Additionally, in 2015, the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Financial Services Sector Coordinating Council (FSSCC) collaborated on an updated version of the Assessment Tool to provide additional Risk Assessment, Maturity Assessment and Planning tools.


myTECQ has assisted its Financial Services clients by conducting these risk assessments and assisted in providing recommendations in procedures, communications and infrastructure to address ongoing CyberSecurity threats. Although these assessment tools are voluntary ( in all but 3 states), myTECQ can provide assistance in completion of the Assessment Tools, as well as recommendations for planning and implementation of systems and activities to better prevent attacks, or reduce the impact of such threats.