Begin Main Content Area

 Content Editor ‭[3]‬

What is Cybersecurity?

Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. 


  • FBI - Increased Use of Banking Apps Could Lead to Exploitation
  •  Tips to Avoid Coronavirus Financial Scams, Investment Schemes
  • Stimulus Payment Phishing Scams
  • Strategies to Help Pennsylvanians Protect Themselves Online and on the Phone
Fall 2019 - CyberEssentials - Volume 1 (PDF)
  • Essential Elements of a Culture of Cyber Readiness
  • Essential Actions for Building a Culture of Cyber Readiness
  • Phishing Reminder
  • Protect Yourself Against Ransomware
  • Your Voice Counts! Social Media Feedback

April 2019 - Cybersection - The Quarter Newsletter (PDF)

  • NIST Launches Cybersecurity Website for Small Biz
  • State Regulators Appeal to Congress on Marijuana Banking Fix
  • FINRA Issues Cybersecurity Practices Report for Broker-Dealers
  • PA Supreme Court Holds Businesses Have Legal Duty to Safeguard Employee Information
  • DOBS Staff Recognition 


October 2018 - Cybersection - The Quarter Newsletter (PDF)
  • Personally Identifiable Information
  • Free Cybersecurity Assessments, Services Available
  • Position Issued on Use of Investor Client Username, Passwords
  • DoBS Cybersecurity Efforts Expand
  •  Third-Party Risk Management
  • Cyber Insurance:  Right for Your Company?   
  • Department Issues Cybersecurity Guidance 


November 2017 - Secretary's Letter on Cybersecurity
Cybersecurity continues to be a top priority of the department, as it should be for every financial services institution and business. The department continues to develop and share resources available to companies and organizations to assist them in developing strong practices to address cybersecurity threats.

October 2017 - Cybersection - The Quarter Newsletter (PDF)

  • New Cybersecurity Resource to Protect Pennsylvanians
  •  NIST Cybersecurity Guidance for Small-Business Owners
  •  2016 - Cybersecurity Year in Review
  •   Personal Identifiable Information 

U.S. Securities and Exchange Commission (SEC) case involving Cybersecurity dated June 8, 2016.  Click here for more information (PDF)
  •  Cybersecurity Awareness Month      
  •  Finance and Technology
  •  PA $AFE
  •  National Cyber-Forensics & Training Alliance
  •  New Video to help Consumers
October 25, 2016 - FinCEN IssuesAdvisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime (PDF) - The Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions on cyber-events and cyber-enabled crime. Cybercriminals target the financial system to defraud financial institutions and their customers and to further other illegal activities. Financial institutions can play an important role in protecting the U.S. financial system from these threats. In addition to the advisory, FinCEN also issued Frequently Asked Questions (FAQs) (PDF) regarding the reporting of cyber-events, cyber-enabled crime, and cyber-related information through Suspicious Activity Reports. 

October 2016 Secretary's Letter on Cybersecurity
The Department continues to work collaboratively with federal regulators, other states financial regulators, and other Commonwealth agencies to address cybersecurity challenges.

October 2016 - FFIEC Announces it will host two webinars in observance of Cybersecurity Awareness Month. Register for the webinars here.

September 2016 - The FFIEC issued a Revised Information Security Booklet on September 9, 2016, which is part of the FFIEC Information Technology Examination Handbook. 

July 2016 - A Presidential Policy Directive (PPD-41) released on July 26, 2016, sets forth principles governing the federal government’s response to any cyber incident, whether involving government or private sector entities. For significant cyber incidents, PPD-41 also establishes lead federal agencies and an architecture for coordinating the broader federal government response.  Presidential Policy Directive - United States Cyber Incident Coordination

  • Ransomware

June 2016 - FFIEC issues Joint Statement on Cybersecurity  of  Interbank Messaging and Wholesale Payment Networks FIL-37-2016 

April 2016Cybersection - The Quarter Newsletter (PDF)
  • Federal Resources for Businesses
  • Patch-Management and Software Security Precautions
January 2016 - Cybersection - The Quarter Newsletter (PDF)
  • Federal Regulators Release Revised Management IT Booklet
  • Data Breach Protocol
  • Cybersecurity Act of 2015
  • DOBS Staff Recognized at PA Digital Government Summit


  • Cybersecurity Task Force Announced         

September 2015Cybersecurity Efforts and Resources (PDF)

A letter from the Secretary of Banking and Securities to all state-chartered and licensed entities announcing the formation of a Cybersecurity Task Force, describing Commonwealth cybersecurity efforts, and encouraging the development of cybersecurity attack prevention and mitigation plans using available and recommended resources.