Cyber Security Assessment
E3 has helped many financial institutions understand and manage their cyber security risk through the use of the Cybersecurity Assessment Tool (CAT) developed by the Federal Financial Institutions Examination Council (FFIEC). The CAT provides a repeatable and measurable process that lets financial institutions measure their cybersecurity preparedness over time.
TESTING OBJECTIVES
The CAT consists of two parts:
Inherent risk profile
Cybersecurity maturity
The Inherent Risk Profile identifies the institution’s inherent risk before any controls are applied. The Cybersecurity Maturity part is organized into domains, assessment factors, components, and individual declarative statements across five maturity levels, and is used to identify the specific controls and practices that are in place. While management can determine the institution’s maturity level in each domain, the CAT is not designed to produce a single overall cybersecurity maturity level.
The assessment covers the institution’s inherent risk profile based on five categories:
Technologies and connection types
Delivery channels
Online/mobile products and technology services
Organizational characteristics
External threats
Next, the assessment evaluates the institution’s cybersecurity maturity level for each of the five domains:
Cyber risk management and oversight
Threat intelligence and collaboration
Cybersecurity controls
External dependency management
Cyber incident management and resilience