GAO Sees Room for Improvement in Bank Cyber Security Exams

A new report from the U.S. Government Accountability Office (GAO) suggests that U.S. banking regulators must hire and train more examiners with technology expertise to give more useful cyber security recommendations to small and mid-sized banks. According to GAO, many U.S. credit unions are vulnerable to cyber threats from outside vendors that help run their businesses, because their overseer, the National Credit Union Administration (NCUA) lacks authority to review technology practices of those companies. It is reported that GAO has long been pushing to expand the NCUA’s authority, but credit unions themselves and their vendors have been resistant to the idea, calling it a regulatory overreach.

ATF Executive Investigated for Possible Employee Data Breach

Scott Sweetow, a deputy assistant director for strategic intelligence and information at Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) headquarters in Washington, is under investigation for allegedly sending employee information to his personal email account. It was not immediately clear how many employees were affected by the possible breach. Sweetow stated that this allegation was the result of an intentional damage to his reputation and he was very guarded about any work products he may be working. Besides, ATF would not discuss specific personnel issues, actions, or the existence of ongoing investigations.

FFIEC Cybersecurity Assessment ‘Tool’ Goes Live

On Tuesday, the Federal Financial Institutions Examination Council (FFIEC) released a new tool to help financial institutions identify their level of risk to a cyber-attack and also gauge their ability to manage and control their own specific threat levels. The two-part tool is a user’s guide that leads institutions through the self-assessment procedure. The first part is the “Inherent Risk Profile,” which catalogues an institution’s technology and connection types and other facets of its risk characteristics. The second part is the assessment on the institution’s cyber risk management, threat intelligence and how it would respond to a cyber-attack.

Ireland Gears Up for Cyber War – New Strategy to Protect Critical Infrastructure

The government of Ireland has published the country’s National Cybersecurity Strategy that outlines how Ireland will defend its computer networks and sensitive infrastructure (such as water and electricity) in the event of a cyberattack. The strategy acknowledges that on a national level, Ireland faces a more complex set of risks than other countries due to the presence of a large number of data-centric companies, including Amazon, Google, Facebook, Microsoft, Apple, IBM and others. These companies have many data centers that are already in Ireland or are expecting to be deployed in Ireland in the near future.To address the concern of cybersecurity, the Irish government has established the National Cybersecurity Center(NCSC) within the Department of Communications. This center will be in charge of securing government networks and critical national infrastructure, such as electricity, water, transportation, telecoms, commerce and health.

‘Digital Amnesia’ Growing Among Americans

In a recent Kaspersky Lab survey of 1,000 Americans aged 16 or older, the researcher found that people are increasingly relying on their devices for many things, and seem lost without a digital assistant. This “symptom” is referred to as “digital amnesia” or “Google effect,” which has resulted in a dependence on digital devices connected to the internet, with most people unable to commit simple information to memory. About 91% of respondents said that they used the Internet as an online extension of their brain. A researcher from this study said that the digital amnesia is likely to extend beyond online facts to include personal information, such as the parents’ number, the siblings’ numbers, etc.

Follow the SiteLock blog for the latest cybersecurity news.