In the United States Federal Reserve’s recent Enhanced Cyber Risk Management Standards, certain agencies and entities are subject to additional cyber security guidelines in order to reduce Cyber Liability and prevent cyber attacks from having a grave impact on agencies across the world. The standards are organized into five subsections, and the first of which calls for all covered agencies to exhibit effective cyber risk governance.
About Cyber Risk Governance
The Notice proposes that all covered entities establish effective cyber risk governance. It defines cyber risk governance as developing and maintaining a formal cyber risk management strategy, creating a network of supporting policies and procedures in order to properly implement the strategy, and integrating their plan into their entity’s overall strategic plans and risk governance measures.
Proposed Cyber Risk-Governance Standards
The proposal states that cyber risk governance standards should be similar to general governance standards already in place for large financial organizations, and continues to state that the entity’s board of directors or a similar committee would be responsible for approving the cyber risk management strategy and holding senior management accountable for its implementation and development.
In addition to implementing the cyber risk management strategy into the overall risk management plans, covered entities would be required to assess their firm’s operations and overall risk in order to best tailor their cyber risk management plan to their firm’s needs, and would continually assess the entity’s residual cyber risk in order to prevent large losses. The senior leaders in charge of cyber risk management would need to be independent of business line management so that they can have direct access to the board of directors and be able to independently speak to the board in regards to the firm’s risk exposure, risk management, and any developing trends.
Since 1983, Financial Guaranty Insurance Brokers has distinguished itself as a provider of Professional Liability, Cyber Liability, and Crime insurance products for financial entities, in addition to providing crime insurance and general business insurance products to a number of firms across the United States. To receive timely, personalized service from a knowledgeable and experienced staff, call us today at (877) 485-4413 to speak with one of our professionals.