In this heavily regulated industry, there is no shortage of guidance on how financial institutions should implement security controls. While the FFIEC provides the ultimate source of guidance for banks, proactive institutions looking to enhance their controls to address evolving risks should reference other sources of guidance and frameworks for mitigating cybersecurity risks. In this webinar, we will focus on the Center for Internet Security’s (CIS) globally recognized Top 18 Critical Security Controls and why this framework can be an effective option to layer on top of FFIEC recommendations.

The framework breaks each control into three implementation groups based on the risk profile of an organization and the resources it has available. We’ll provide an overview of all controls, with a focus on the more advanced protections within Implementation Groups 2 and 3.

Learning objectives:

• Identify various control frameworks available to banks and why the CIS Top 18 Critical Security Controls can be an effective option to layer on FFIEC recommendations
• Examine various controls in Implementation Groups 2 and 3 of the CIS framework
• Apply these controls within your institution to mitigate risks