What is cybersecurity?
Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
November 2017 - Secretary's Letter on CybersecurityCybersecurity continues to be a top priority of the department, as it should be for every financial services institution and business. The department continues to develop and share resources available to companies and organizations to assist them in developing strong practices to address cybersecurity threats.
- New Cybersecurity Resource to Protect Pennsylvanians
- NIST Cybersecurity Guidance for Small-Business Owners
- 2016 - Cybersecurity Year in Review
- Personal Identifiable Information
- Cybersecurity Awareness Month
- Finance and Technology
- PA $AFE
- National Cyber-Forensics & Training Alliance
- New Video to help Consumers
October 25, 2016
- FinCEN IssuesAdvisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime (PDF) - The Financial
Crimes Enforcement Network (FinCEN) issued an advisory to financial
institutions on cyber-events and cyber-enabled crime. Cybercriminals target the
financial system to defraud financial institutions and their customers and to
further other illegal activities. Financial institutions can play an important
role in protecting the U.S. financial system from these threats. In addition to
the advisory, FinCEN also issued Frequently Asked Questions (FAQs) (PDF) regarding
the reporting of cyber-events, cyber-enabled crime, and cyber-related information
through Suspicious Activity Reports.
October 2016 - Secretary's Letter on Cybersecurity
The Department continues to work collaboratively with federal regulators, other states financial regulators, and other Commonwealth agencies to address cybersecurity challenges.
October 2016 - FFIEC Announces it will host two webinars in observance of Cybersecurity Awareness Month. Register for the webinars here.
September 2016 - The FFIEC issued a Revised Information Security Booklet on September 9, 2016, which is part of the FFIEC Information Technology Examination Handbook.
2016 - A Presidential Policy Directive (PPD-41) released on July 26, 2016, sets
forth principles governing the federal government’s response to any cyber
incident, whether involving government or private sector entities. For
significant cyber incidents, PPD-41 also establishes lead federal agencies and
an architecture for coordinating the broader federal government response.
Presidential Policy Directive - United States Cyber Incident Coordination
July 2016 - Cybersection - The Quarter Newsletter (PDF)
2016 - FFIEC issues Joint Statement on Cybersecurity of Interbank Messaging
and Wholesale Payment Networks FIL-37-2016
2016 - Cybersection - The Quarter Newsletter (PDF)
Resources for Businesses
- Patch-Management and Software Security Precautions
January 2016 - Cybersection - The Quarter Newsletter (PDF)
- Federal Regulators Release Revised Management IT Booklet
- Data Breach Protocol
- Cybersecurity Act of 2015
- DOBS Staff Recognized at PA Digital Government Summi
October 2015 - Cybersection - The Quarter Newsletter (PDF)
- Cybersecurity Task Force Announced
September 2015 - Cybersecurity Efforts and Resources (PDF)
A letter from the Secretary of Banking and Securities to all state-chartered and licensed entities announcing the formation of a Cybersecurity Task Force, describing Commonwealth cybersecurity efforts, and encouraging the development of cybersecurity attack prevention and mitigation plans using available and recommended resources.