The landscape of cybersecurity threats continues to evolve with constant changes in technology. The Department of Savings and Mortgage Lending encourages institutions to take advantage of services and guidance available through trade associations, governmental entities, or private entities. Here are a few links intended to aid your efforts in protecting your community, customers, and institution:

  • Consejo de Examen de Instituciones Financieras Federales (FFIEC) is the formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB) and to make recommendations to promote uniformity in the supervision of financial institutions.
  • Financial Services Information Sharing and Analysis Center (FS-ISAC) is an industry consortium dedicated to reducing cyber-risk in the global financial system, serving financial institutions and in turn their customers. The organization leverages its intelligence platform, resiliency resources, and a trusted peer-to-peer network of experts to anticipate, mitigate and respond to cyberthreats.
  • National Institute of Standards and Technology (NIST) has the mission of promoting U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
  • Asociación de Auditoría y Control de Sistemas de Información (ISACA) is the trusted source of knowledge, standards, networking, and career development for information systems audit, assurance, security, risk, privacy, and governance professionals. ISACA is a global professional association and learning organization in areas of digital trust fields such as information security, governance, assurance, risk, privacy, and quality.
    • ISACA developed the COBIT (Control Objectives for Information and Related Technology) framework to help align IT strategy with organizational goals.
  • National Cyber Security Alliance (NCA) is non-profit organization founded in 2001, promoting cyber security, privacy, education, and awareness. The NCA works with various stakeholders in the government, industry, and civil society. The NCA promotes partnerships between the federal government and corporations operating in technology. NCA’s primary federal partner is the Cyber security and Infrastructure Security Agency within the U.S. Department of Homeland Security.
  • Conferencia de supervisores bancarios estatales (CSBS) supports state regulators in advancing the system of state financial supervision by ensuring safety, soundness, and consumer protection; promoting economic growth; and fostering innovative, responsive supervision.
    • CSBS developed the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions assess their efforts to mitigate risks associated with ransomware and identify gaps for increasing security.

Recursos de ciberseguridad de la FDIC

Cartas de instituciones financieras

FIL Title


Date Issued

FIL-52-2023 - Information Technology Risk Examination (InTREx) Procedures

Examination Procedures and Manual Updates


FIL-29-2023 - Interagency Guidance on Third-Party Relationships: Risk Management

Supervisory Guidance


FIL-50-2022 - Updated FFIEC Cybersecurity Resource Guide for Financial Institutions



FIL-12-2022 - Computer-Security Incident Notification Implementation

Supervisory Guidance/ Miscellaneous


FIL-64-2021 - FDIC Selects Four Vendors to Participate in a Rapid Phased Prototyping (RPP) Pilot Program

Information Technology/ Cybersecurity


FIL-57-2021 - FDITECH Launches Tech Sprint to Measure and Test Bank Operational Resiliency

Information Technology/ Cybersecurity


FIL-55-2021 - Authentication and Access to Financial Institution Services and Systems

Information Technology/ Cybersecurity


FIL-50-2021 - Proposed Interagency Guidance on Third-Party Relationships: Risk Management

Risk Management


FIL-47-2021 - Updated FFIEC IT Examination Handbook – Architecture, Infrastructure, and Operations Booklet

IT Technology/ Cybersecurity


FIL-103-2020 - The FDIC Publishes Sound Practices to Strengthen Operational Resilience

Information Technology/ Cybersecurity


FIL-52-2020 - FFIEC Joint Statement on Risk Management for Cloud Computing Services

Information Technology/ Cybersecurity


FIL-3-2020 - Heightened Cybersecurity Risk Considerations

Information Technology/ Cybersecurity


FDIC Banker Resource Center

  • Information Technology (IT) and Cybersecurity:  Listing frequently asked questions, advisories, statements of policy, and other information issued by the FDIC alone, or on an interagency basis, provided to promote safe-and-sound operations.

Technical Assistance Videos

  • Cybersecurity Awareness:  Video series designed to assist bank directors with understanding cybersecurity risks and related risk management programs, and to elevate cybersecurity discussions from the server room to the board room.
  • Cyber Challenge – A Community Bank Cyber Exercise:  Exercise to encourage discussion of operational risk issues and the potential impact of information technology disruptions on common banking functions.
Cerrar ventana de búsqueda