Pub. 11 2016-2017 Issue 3

www.nebankers.org 22 Extraordinary Service for Extraordinary Members. I WAS RECENTLY INVITED TO CELEBRATE THE BIRTHDAY OF A friend andwas a bit confusedwhen I arrived at the party. My friend is in a “seasoned” phase of life and bright pink decorations were everywhere. As it turns out, my friend was sharing this birthday party with a very special person: a little girl who turned one year old. So much attention goes into this moment of newness. Every attendee needs several photos on their smartphone to show their friends later. My friend took a fewminutes to open some cards, then it was back to the baby for the ever popular “baby destroys a cake” act. As humans, we are fascinated by new things. We gush over new babies, drool over new technology, and, while some may disagree, we anxiously anticipate new regulation. Each day, I arrive at the office to support an information security and compliance software suite. On some of those days, a new guidance is released by the Federal Financial Institutions Examination Council (FFIEC) or one of the other federal agencies. Within hours of one of these releases, our team responds to countless people who contact us inquiring about our awareness of the new guidance and our intentions to help banks address it. Last year, when the FFIEC released the Cybersecurity Assessment Tool, you would have thought Moses was descending from the mountain with a new set of commandments. Hundreds of people began to reach out to us for assistance. After all the anxiety about the Cybersecurity Assessment last year, few people have inquired about how to keep the as- sessment up to date. Perhaps there are no questions because they understand the tool now or maybe this is a case of new guidance versus “seasoned” guidance. Are you mindful of the “seasoned” aspects of your Infor- mation Security Program? Ask yourself a few self-assessment questions to find out. Here are a few to help you get started: • Do I need to update my cybersecurity assess- ment? Have you had changes in your business since the last time you looked at this assessment? If so, you should reevaluate your cybersecurity risk and maturity. As- sessing cybersecurity preparedness is a must regard- less of whether you’re using the FFIEC’s tool or not. • Do I need to update my social media risk man- agement program? The “Social Media: Consumer Compliance Risk Man- agement Guidance” was on track to be one of the hot- test topics of 2013, but was quickly overshadowed by Happy Birthday, Cybersecurity Assessment! Alyssa Pugh, Security+, CoNetrix TECH TALK

RkJQdWJsaXNoZXIy OTM0Njg2