Skip to Navigation
Skip to Main content
OIG Home
OIG Home


Skip SHARE THIS PAGE section Skip STAY CONNECTED section

Board Report: 2020-SR-B-019 September 30, 2020

The Board's Approach to the Cybersecurity Supervision of LISCC Firms Continues to Evolve and Can Be Enhanced

available formats

Cybersecurity threats to financial institutions are becoming more frequent and sophisticated. We assessed the effectiveness of the Board's cybersecurity supervision approach for LISCC firms—the largest, most systemically important domestic and foreign financial institutions supervised by the Board.

The Board can strengthen its governance of LISCC firm cybersecurity supervision by clarifying the roles and responsibilities of the groups involved in supervision and planning activities and better defining how cybersecurity supervisory activities inform relevant ratings. The Board can also enhance its approach to cybersecurity training to ensure examiners keep their skills up to date. Additionally, the Board can improve its guidance and training for reporting cybersecurity events.

This report contains recommendations.