The DOB recommends banks, credit unions, non-depository institutions, and technology service providers have tools to monitor, share, and respond to cyber threats. This information is important to protect sensitive consumer data and IT systems.
Joining information-sharing forums is an important part of the risk management process. Forums also help identify, respond to, and mitigate cybersecurity threats and incidents.
The DOB encourages regulated entities to use any of the following:
- Financial Services Information Sharing and Analysis Center (FS-ISAC)
- Multi-State Information Sharing and Analysis Center (MS-ISAC)
- United States Computer Emergency Readiness Team (US-CERT)
- Institutions are also advised to sign up for alerts and share information.
The Federal Financial Institutions Examination Council (FFIEC) recommends all financial institutions take part in the FS-ISAC. Per Presidential Directive 63, public and private sectors are required to share information about physical and cybersecurity threats. Institutions should keep well informed about emerging threats and share information. FS-ISAC provides access to Cyber and Physical Security Alerts, as well as other services, from many sources. Sources include the government, private vendors, and cross-sector members.
MS-ISAC is the focal point for cyber threat prevention, protection, response, and recovery for the nation's state, local, tribal, and territorial (SLTT) governments. MS-ISAC provides real-time network monitoring, early cyber threat warnings, and other advisories. Institutions are advised to access the advisories and cyber threat alert levels reported by MS-ISAC.
US-CERT is housed under the Department of Homeland Security. Its mission is to provide cybersecurity leadership. Your institution can sign up for US-CERT alerts, bulletins, and tips. Using US-CERT resources ensures you have access to up-to-date cybersecurity topics and threats.