Skip to main content
OCC Flag

An official website of the United States government

OCC Bulletin 2022-22 | October 6, 2022

Cybersecurity: 2022 Cybersecurity Resource Guide for Financial Institutions

To

Chief Executive Officers of All National Banks, Federal Savings Associations, and Federal Branches and Agencies; Department and Division Heads; All Examining Personnel; and Other Interested Parties

Summary

The Federal Financial Institutions Examination Council (FFIEC),1 on behalf of its members, issued an update to the FFIEC Cybersecurity Resource Guide for Financial Institutions on October 3, 2022. The 2022 guide lists voluntary programs and actionable initiatives that are designed for or are available to help financial institutions meet their security control objectives and prepare to respond to cyber incidents.

Rescission

The 2022 FFIEC Cybersecurity Resource Guide for Financial Institutions rescinds and replaces the similarly named 2018 guide.

Note for Community Banks

This bulletin applies to community banks.2

Highlights

The revisions include

  • updated resource links for the Assessment, Exercise, Information Sharing, and Response and Reporting categories.
  • new ransomware specific resources.

Further Information

Please contact Patrick Kelly, Director of Critical Infrastructure Policy, at (202) 649-6550.

 

Grovetta N. Gardineer
Senior Deputy Comptroller for Bank Supervision Policy

Related Link

1 The FFIEC comprises the principals of the Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, and State Liaison Committee.

2 “Banks” refers collectively to national banks, federal savings associations, covered savings associations, and federal branches and agencies of foreign banking organizations.