Posts tagged ‘Directive 21’

Are We Getting Enough Bang for our Cybersecurity Buck?

Good morning, folks. Sorry for the late start, but the Islanders went to overtime last night. 

According to the GAO, the Treasury is doing an inadequate job of monitoring how successfully the financial services sector has handled protecting the cybersecurity infrastructure. What’s more, the Treasury agrees, but argues that it lacks the authority to appropriately monitor the efforts made by financial institutions, including credit unions, in protecting the country against cybersecurity threats. 

Since 9/11, the government has emphasized the need for industry wide coordination to protect vital infrastructure. This effort picked up steam in 2013 when the White House issued Critical Infrastructure and Resilience Policy Directive 21. The overarching goal of this new directive was to strengthen functional relationships across the federal government to enable better communication about cybersecurity threats, and to coordinate better planning between industries. As part of this directive, the Treasury was given responsibility for coordinating the financial industry structure. 

As credit unions are well aware, there has been no shortage of regulations on the federal and even state level to protect against cyber threats. But, according to the GAO, the Treasury does not have the structure in place to adequately assess how successful these regulations have been. The Treasury says that it simply does not have the authority to get the information it needs.

This might seem like an awfully arcane piece of bureaucratic minutiae to write about on a Friday, but yours truly is just a little concerned that these findings will result in yet more regulations that will impact your everyday operations. In addition, given the amount of time, money and resources credit unions and other financial institutions must now commit to cybersecurity, I’m more than a little bit surprised that the Treasury is so willing to admit that a lack of coordination is deluding the effectiveness of these efforts. 

NCUA Holds Monthly Meeting

Yesterday, the NCUA held its monthly board meeting. I will follow up once I have the chance to take a closer look at what was agreed to.

September 18, 2020 at 10:18 am Leave a comment

Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 755 other followers