Financial Sector Cyber Compliance with the NIST Cyber Security Framework
OVERVIEW

Cyber compliance is a significant challenge for the financial sector. The dynamic cyber threat and regulatory landscape is only part of it; the reality of “mixed messaging” and “semantics” puts a huge burden on resources in relation to the “reconciliation” of control requirements. In other words, different supervisory issuances often ask for the same thing in a different way. It is estimated that over 40% of IT time can be spent on the reconciliation effort alone. This is one of the reasons the NIST CSF (Cyber Security Framework) can be so beneficial to the financial sector. Every financial sector entity has “A” cyber security framework, and that framework is the operational blueprint for how the entire organisation manages cyber risk and compliance. This includes all activity from AML to Procurement, with everyone such as Legal, IT and of course “Leadership” in between.
Paul C Dwyer