ICBA called on federal regulators to continue building on the Cybersecurity Assessment Tool risk assessment framework while keeping it voluntary.
Recommendations: In a comment letter to the OCC on improving the CAT, ICBA said regulators should:
Establish a working group of public- and private-sector participants to complete regular reviews of the CAT to keep it up to date.
Create resources to further educate bank leadership on the CAT.
Provide community banks access to trending information and statistical analysis.
More: Cybersecurity resources—including no-cost cyber and incident response training for ICBA members—are available on ICBA’s cyber and data security resource center.