Board Report: 2020-SR-B-019 September 30, 2020
Cybersecurity threats to financial institutions are becoming more frequent and sophisticated. We assessed the effectiveness of the Board's cybersecurity supervision approach for LISCC firms—the largest, most systemically important domestic and foreign financial institutions supervised by the Board.
The Board can strengthen its governance of LISCC firm cybersecurity supervision by clarifying the roles and responsibilities of the groups involved in supervision and planning activities and better defining how cybersecurity supervisory activities inform relevant ratings. The Board can also enhance its approach to cybersecurity training to ensure examiners keep their skills up to date. Additionally, the Board can improve its guidance and training for reporting cybersecurity events.
This report contains recommendations.
