FDIC Cybersecurity
Updated February 22, 2017
Enhancing Information Protection
Most recently, the FDIC has:
- implemented secure access of agency computers by requiring the use of employees’ government-issued smart IDs to log in to FDIC computers;
- strengthened internet security on agency computers through the implementation of an internet browser initiative;
- completed a third-party, end-to-end assessment of the FDIC IT security and privacy programs;
- updated the FDIC IT Information Security and Privacy Training, which employees are required to take annually;
- held cybersecurity events for National Cyber Security Awareness Month to teach employees how to protect the FDIC from cyber threats and understand cybersecurity trends and how they impact the FDIC;
In the past year, the FDIC has:
- expanded our use of multi-factor authentication for securely downloading assessment invoices and official FDIC correspondence, and performing other secure file exchanges. This allows for a secure exchange of information with financial institutions;
- discontinued individuals' ability to copy information to removable media such as CDs, DVDs, external hard drives, and thumb drives;
- signed a memorandum of understanding to migrate to an intrusion prevention, detection, and monitoring system from the Department of Homeland Security (DHS) that will help detect and block outside cyber threats. The FDIC continually works with DHS to ensure we meet government security standards;
- implemented new controls to limit printing of sensitive information and better monitor information printed in the highest risk areas; and
Building on Prior Actions
These actions are on top of protections that were already in place, such as:
- encryption of some of our most sensitive information;
- encrypted laptop hard drives; and
- a Data Loss Prevention program that monitors information in emails, information being transferred to websites, and information printed.
Information security is critical to the FDIC's ability to carry out its mission of maintaining stability and public confidence in the nation's financial system. The FDIC will remain alert and continue to adjust our security controls in light of the changing threat landscape.