August 26, 2021

Biden hosts cybersecurity summit, indicates strong need for authentication mechanisms

White HousePresident Joe Biden Wednesday met with several private sector stakeholders to discuss the need for expanding cybersecurity protections, enhancing critical infrastructure resilience, and cultivating cybersecurity talent across all sectors of the economy. Financial institutions are currently supervised by entities that regularly examine technical safeguards and federal financial regulators have already started a transition towards multi-factor authentication as a best practice at financial institutions.

Of note, the Federal Financial Institutions Examination Council (FFIEC) issued new guidance that provides financial institutions with examples of effective authentication and access risk management practices for customers, employees, and third parties accessing digital banking services and information systems.

The guidance highlights the current cybersecurity threat environment and replaces previous documents issued in 2005 and 2011.

In addition, the FFIEC recently retired its Operations Booklet – originally published in 2004 – and replaced it with a much more extensive Architecture, Infrastructure, and Operations (AIO) Booklet in its Information Technology (IT) Examination Handbook.

The AIO Booklet sets forth expectations for financial institutions to manage evolving technologies. For more information on updates from the FFIEC, the NAFCU Compliance Team has issued previous blog posts to outline the new AIO Booklet and detail the authentication and access guidance.

As a leader in calling for a national data security standard, NAFCU has many resources available to ensure credit unions can effectively identify and address cybersecurity concerns.