Rising incidence of ransomware use earns additional section in cybersecurity resource guide

Ransomware-specific resources to address the ongoing threat of ransomware incidents are included in the updated Cybersecurity Resource Guide for Financial Institutions, published originally in 2018 by the umbrella group for federal financial institution regulators, the group said Monday.

The Federal Financial Institutions Examination Council (FFIEC) said the purpose of the updated guide (dated September, 2022) is to help financial institutions meet their security control objectives and prepare to respond to cyber incidents.

“In recent years, ransomware incidents have become increasingly prevalent,” the agency said in the overview to the guide. “These incidents continue to evolve in severity and complexity impacting the financial sector and other critical infrastructure organizations. To address this evolving threat, the resource guide now includes ransomware-specific resources to address this ongoing threat.”

The 15-page guide covers a variety of sections, including: assessments, exercises, information sharing, response/reporting, and now ransomware.

FFIEC Cybersecurity Resource Guide for Financial Institutions