Cybersecurity Key Operational Risk in OCC’s Semiannual Risk Perspective Report

March 13, 2018

The Office of the Comptroller of the Currency (“OCC”) recently issued its Semiannual Risk Perspective.  The OCC identified cybersecurity as a key operational risk, pointing to the increasing speed and sophistication of cybersecurity threats, which can target the theft of personally identifiable information, intellectual property, and bank funds.

The Semiannual Risk Perspective identifies two specific kinds of risks—phishing and the use of unpatched or unsupported software and hardware by banks and their service providers.  Phishing, which uses deceptive tactics to encourage people into opening files or clicking on links, can allow cybercriminals to insert malware onto networks.  Once the malware is in place, the hackers can use it to load other kinds of malware or ransomware, access confidential information, conduct espionage, or gain control of internal banking platforms to use them to make fraudulent payments.  Continuing to use software or hardware that is out-of-date or unsupported can also introduce vulnerabilities that lead to other data breaches.

Click here, to continue reading on the Cleary Cybersecurity and Privacy Watch blog.