Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

FDIC to Strengthen IT Security Following IG Audit

An audit found notable weaknesses within the FDIC’s information security processes.

The Federal Deposit and Insurance Corporation’s information technology and security systems are relatively strong, but some weaknesses could lead to sensitive financial information being compromised.

These findings come from the latest audit ordered by the FDIC’s Office of the Inspector General, as required by the Federal Information Security Modernization Act of 2014 to ensure government agencies’ IT and security infrastructure are sufficient.

Some of the critical data stored on FDIC networks include Social Security and bank account numbers, bank examination information, and credit card numbers. Without proper cybersecurity infrastructure, these data could be vulnerable to hacks or ransomware attacks. 

The IG used metrics to evaluate the FDIC’s IT systems and examined their abilities to identify, protect, detect, respond and recover sensitive data contained within the agency’s networks. 

Using a numerical scale to calculate a final score assessing the strength of a government agency’s IT infrastructure, the FISMA audit gave the FDIC a Maturity Level 4 out of a possible 5 levels. The high score was largely due to the FDIC’s strong security controls, updated privacy requirements, enhanced procedures for employee and contractor investigations, and improved oversight authorities.

The audit noted that despite the high score, cybersecurity risks are still possible. 

“Achieving Level 4 does not mean that the FDIC is without risks to cyberattack,” the report reads. Weaknesses within the FDIC’s internal systems included its supply chain risk management program and administrative accounts security measures. Vulnerabilities in both of these arenas increase the likelihood of exploitation by hackers.

Ultimately, the audit resulted in six recommendations for the FDIC to consider implementing. They include implementing privacy controls and processes for all systems in accordance with government guidelines, and broadly strengthening the agency’s information security programs, particularly within supply chain risk management operations. 

In a response, leadership at the FDIC agreed with the report’s findings, noting that it was “pleased” to score a Maturity Level 4.

“The FDIC concurs with these recommendations and is committed to addressing them as part of its continuing efforts to improve its information security posture,” a letter issued by the FDIC’s Chief Privacy Officer and Chief Information Officer Sylvia Burns and Chief Information Security Officer Zachary Brown read. 

Source: https://www.nextgov.com/cybersecurity/2021/10/fdic-strengthen-it-security-following-ig-audit/186495/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

How a cornerstone cybersecurity program has evolved from information collection to active defense. The Cybersecurity and Infrastructure Security Agency has used its Continuous Diagnostics...

Cyber Security

Cybercriminals are increasingly leveraging extreme weather events to launch attacks on critical infrastructure sectors. Cybersecurity experts say critical infrastructure operators can leverage a set...

Cyber Security

A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the...

Cyber Security

Despite recent improvements, a watchdog report claims the agency still has more it can do to make threat-sharing policies more effective. Though the Federal...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO