Amid a rise in cyber attacks, federal regulators have issued new guidance designed to help financial firms evaluate their own security arrangements.
The Office of the Superintendent of Financial Institutions (OSFI) published guidance Monday that aims to assist firms in assessing their layers of defence against possible cyber attacks.
With cyber attacks becoming more frequent and more sophisticated, security measures are becoming more important due to “increasing reliance on technology, the interconnectedness of the financial sector, as well as the critical role that federally regulated financial institutions play in the overall economy,” it says.
OSFI says it does not plan to establish specific guidance for the control and management of cyber risk itself. However, it says it expects senior management at financial firms to review their cyber risk management policies and practices “to ensure that they remain appropriate and effective in light of changing circumstances and risks.”
And so, it is providing cyber security self-assessment guidance to help firms evaluate their current level of preparedness, and to help them develop and maintain effective cyber security practices.