WASHINGTON — Comptroller of the Currency Thomas J. Curry today issued the following statement recognizing October as National Cybersecurity Awareness Month.
President Obama designated October as National Cybersecurity Awareness Month to raise awareness of threats to the data systems that have become part of our everyday lives and to encourage each of us to take steps to safeguard those systems.
Reports of breaches have become regular features of the daily news, and they serve as reminders of the risks associated with living and working in an increasingly interconnected world. As the primary regulator of America’s national banks and federal savings associations, we have worked with fellow regulators to address the risks that cyber threats pose to individual banks and thrifts, as well as the financial system as a whole.
Over the past several years, financial industry supervisory agencies have improved coordination and information sharing, raised awareness of best practices and current threats, and established a standard method for assessing cybersecurity readiness. The criminals and terrorists behind cyber threats never take a day off, and neither can we. The threat requires vigilance from banks of all sizes, as well as the service providers that support them.
While our goal is to prevent breaches, we must also ensure we have in place effective incident response plans to detect, assess, and respond to cyber attacks when they occur. When responding to an attack, open communication is essential for financial institutions, because the effects of a cyber incident can extend beyond an individual bank or thrift to affect others.
Banks and thrifts need to discuss these incidents, as they unfold, with their supervisors and law enforcement, as well as through information sharing forums such as the Financial Services Information Sharing and Analysis Center. That is why, when responding to an incident, our immediate focus is to help ensure the affected institution has access to the resources it needs to respond to the threat and that the information it provides is shared in a timely, meaningful way with other institutions and law enforcement. Such collaborative communication protects the safety and soundness of the individual institution and the broader federal banking system. More information for financial institutions is available from the Federal Financial Institutions Examination Council at https://www.ffiec.gov/cybersecurity.htm.
Individually, we all share in the responsibility to protect our personal information and safeguard the sensitive information and the valuable resources we are entrusted with in the workplace. Find out how you can get involved with raising cybersecurity awareness by visiting StaySafeOnline.org and StopThinkConnect.org.