Sage Advice - Cybersecurity Blog

How to Assess the Security of Your Cloud Service Providers

Like everything in technology today, the activities of cybercriminals are constantly evolving. Your organization must keep pace to protect your data and your reputation. The place most clients are with this query is, “What are our peers doing?”

Read More

Topics: Financial Sector, Cloud Security

Privacy, Cybersecurity, and the Nation’s Central Bank

People will defend their right to privacy to the end. Yet, they love their technology and so willingly share personal information online that they’re part of a coalition of malicious and legitimate cyber-actors that threaten it. Nevertheless, with legal ramifications growing, CISOs must now secure personally identifiable information (PII) and intellectual property (IP) while protecting its owner’s privacy.

Read More

Topics: CyberCrime Symposium, Financial Sector, Privacy

Understanding the FFIEC Cybersecurity Assessment Tool

In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool (Assessment) to help institutions identify their risks and determine their cybersecurity maturity. The methodology provides a repeatable process to measure your cybersecurity preparedness over time.

Read More

Topics: Compliance, Financial Sector

.BANK-ing on Better Cybersecurity

Every organization stands to lose a lot when it comes to cyber-attacks, but because they’re managing customer money and operating in a heavily regulated industry, financial services institutions have their own set of challenges. They’ve got a lot at stake on the cybersecurity front. So when ICANN announced it was expanding the number of generic top-level domain names (TLDs) from fewer than 25 to what will likely soon number in the thousands — banking associations didn’t want to take any chances with the .BANK and .INSURANCE TLDs.

Read More

Topics: CyberCrime Symposium, Financial Sector

Cybersecurity Exam Expectations - Five Key Areas You Should Focus On

In preparation for upcoming regulatory examinations, every financial institution should immediately start evaluating their cybersecurity profile. Examiners' cybersecurity assessment expectations are that executive management and boards of directors have an understanding of their banks cybersecurity strengths and weaknesses. According to those familiar with the examination pilot, cybersecurity examinations will focus on five key areas – governance, threat intelligence and collaboration, cybersecurity controls, external dependency management, and cyber incident management and resilience.

Read More

Topics: Compliance, Financial Sector

2015 FFIEC Cybersecurity Priorities

Earlier this year, the Federal Financial Institutions Examiner’s Council (FFIEC) announced that their 2015 cybersecurity priority is to enhance regulator and financial institution assessment and examination capabilities, including updating the IT Examination Handbook, enhancing the technology service provider (TSP) examinations, and providing financial institutions with a self-assessment tool.

Read More

Topics: Compliance, Financial Sector

Why Cybersecurity is an Executive Responsibility

Cyber-attacks are escalating at an unprecedented pace with frightening veracity. Successful attacks not only result in major service disruptions and theft of data, but also the appropriation of infrastructure to perpetuate attacks on others. According to Forbes, the average loss per incident is up 23% year-over-year, and that the number of organizations reporting losses of more than $10 million per incident is up 75% from just two years ago.

Read More

Topics: Compliance, Risk Management, Financial Sector