With the passage of the Gramm-Leach-Bliley Act (GLBA) in 1999, financial institutions were required to implement policies that protected critical electronic customer information for being accessed, disclosed, or used in an unauthorized manner.
With security management and data breaches making the news on a daily basis, IT security is now more important than ever. Security operations and a detection system have become top of mind for many organizations.
The GLBA “Safeguards Rule” requires financial institutions to achieve three objectives related to data security.
The Federal Financial Institutions Examination Council, more commonly known as the FFIEC, is comprised of representatives from several financial agencies and organizations including the Federal Deposit Insurance Corporation (FDIC) and the Federal Reserve System. The FFIEC publishes guidance on how banks and other financial institutions can set about securing their IT assets and comply with the Safeguards Rule. Of particular note is the IT Examination Information Security Handbook published in 2006. It discussed key IT security objectives including how to protect information from a data breach as well as ensuring data integrity.