Skip Header
U.S. flag

An official website of the United States government

Financial Institution Letter

Updated FFIEC Cybersecurity Resource Guide for Financial Institutions

October 27, 2022  |  FIL-50-2022


On October 3, 2022, the Federal Financial Institutions Examination Council (FFIEC) announced an update to its 2018 Cybersecurity Resource Guide for Financial Institutions. The guide includes updated references and now includes ransomware–specific resources. The FDIC is amplifying this resource in recognition of Cybersecurity Awareness Month, which highlights the importance of safeguarding our Nation’s critical infrastructure from malicious cyber activity and protecting citizens and businesses from ransomware and other cyber attacks.

Statement of Applicability: The contents of, and material referenced in, this FIL apply to all FDIC-insured financial institutions.


  • Financial institutions and their service providers should remain vigilant in addressing cyber risk.
  • The FFIEC updated its October 2018 Cybersecurity Resource Guide for Financial Institutions.
  • The purpose of this guide is to help financial institutions meet their security control objectives and prepare to respond to cyber incidents.
  • The updated resource guide now includes ransomware-specific resources to address the ongoing threat of ransomware incidents.
  • For more information, including a link to the FFIEC Cybersecurity Awareness webpage, visit the FDIC Cybersecurity Resources webpage.

Related Topic:

Information Technology

Related Resource:

The updated resource guide is located here: