Cybersecurity Assessment Tool 1.1

For the last two years, institutions have been building stronger cybersecurity programs with the assistance of the FFIEC’s Cybersecurity Assessment Tool (CAT). On May 31, 2017, the FFIEC released an update to the CAT resource. The FFIEC hasn’t released what you would normally expect a tool to look like, it’s a collection of PDF documents that outline a cybersecurity assessment process with specific controls to mitigate risks. This update addresses changes to the FFIEC IT Examination Handbook by providing a revised mapping in Appendix A to the updated Information Security and Management booklets. The updated Assessment will also provide additional response options, allowing the inclusion of supplementary or complementary behaviors, practices, and processes that represent current practices of the institution in support of its cybersecurity activity.

Covered Topics:

This webinar will provide an overview of the following details:
  • Cybercrime drivers behind CAT
  • Review of FFIEC Resources
  • CAT Process
  • Compensating Controls
  • Step by step review of changes
  • Next steps with CAT after the assessment
Specific changes to be discussed include:
  • Yes with Compensating Controls
  • Baseline Control Mappings
  • Unchanged Components
The FFIEC CAT resource is one of the most valuable resources created by the FFIEC to date. Our goal is to help attendees see the value in the assessment tool, the changes introduced in version 1.1, and building a program based on the results.

Who Should Attend?

Information Security Officer, IT Manager, Risk Officer, Internal Auditor, Board members, or other management team members looking for a solid understanding of the assessment process.