What is Cybersecurity?
Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
- Protect Yourself Against Ransomware
- Your Voice Counts! Social Media Feedback
April 2019 - Cybersection - The Quarter Newsletter (PDF)
- NIST Launches Cybersecurity Website for Small Biz
- State Regulators Appeal to Congress on Marijuana Banking Fix
- FINRA Issues Cybersecurity Practices Report for Broker-Dealers
- PA Supreme Court Holds Businesses Have Legal Duty to Safeguard Employee Information
- DOBS Staff Recognition
October 2018 - Cybersection - The Quarter Newsletter
- Personally Identifiable Information
- Free Cybersecurity Assessments, Services Available
- Position Issued on Use of Investor Client Username, Passwords
DoBS Cybersecurity Efforts Expand
Third-Party Risk Management
Cyber Insurance: Right for Your Company?
- Department Issues Cybersecurity Guidance
November 2017 - Secretary's Letter on Cybersecurity
Cybersecurity continues to be a top priority of the department, as it should be for every financial services institution and business. The department continues to develop and share resources available to companies and organizations to assist them in developing strong practices to address cybersecurity threats.
New Cybersecurity Resource to Protect Pennsylvanians
2016 - Cybersecurity Year in Review
Personal Identifiable Information
- Cybersecurity Awareness Month
Finance and Technology
National Cyber-Forensics & Training Alliance
New Video to help Consumers
October 25, 2016
FinCEN IssuesAdvisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime (PDF) -
The Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions on cyber-events and cyber-enabled crime. Cybercriminals target the financial system to defraud financial institutions and their customers and to further other illegal activities. Financial institutions can play an important role in protecting the U.S. financial system from these threats. In addition to the advisory, FinCEN also issued
Frequently Asked Questions (FAQs) (PDF) regarding the reporting of cyber-events, cyber-enabled crime, and cyber-related information through Suspicious Activity Reports.
October 2016 - Secretary's Letter on Cybersecurity
The Department continues to work collaboratively with federal regulators, other states financial regulators, and other Commonwealth agencies to address cybersecurity challenges.
October 2016 - FFIEC Announces it will host two webinars in observance of Cybersecurity Awareness Month. Register for the webinars here.
September 2016 - The FFIEC issued a
Revised Information Security Booklet on September 9, 2016, which is part of the FFIEC Information Technology Examination Handbook.
- A Presidential Policy Directive (PPD-41) released on July 26, 2016, sets forth principles governing the federal government’s response to any cyber incident, whether involving government or private sector entities. For significant cyber incidents, PPD-41 also establishes lead federal agencies and an architecture for coordinating the broader federal government response.
Presidential Policy Directive - United States Cyber Incident Coordination
June 2016 - FFIEC issues Joint Statement on Cybersecurity of Interbank Messaging and Wholesale Payment Networks FIL-37-2016
April 2016 - Cybersection - The Quarter Newsletter (PDF)
January 2016 - Cybersection - The Quarter Newsletter (PDF)
- Federal Resources for Businesses
Patch-Management and Software Security Precautions
- Federal Regulators Release Revised Management IT Booklet
Data Breach Protocol
Cybersecurity Act of 2015
DOBS Staff Recognized at PA Digital Government Summit
Cybersecurity Task Force Announced
September 2015 - Cybersecurity Efforts and Resources (PDF)
A letter from the Secretary of Banking and Securities to all state-chartered and licensed entities announcing the formation of a Cybersecurity Task Force, describing Commonwealth cybersecurity efforts, and encouraging the development of cybersecurity attack prevention and mitigation plans using available and recommended resources.