On October 3, 2022, the FFIEC announced a significant update to its 2018 Cybersecurity Resource Guide for Financial Institutions. The Guidance highlights risk management practices that support oversight of identification, authentication, and access solutions as part of an institution’s information security program. Financial services organizations are known to be heavily targeted by hackers, as these organizations store and use unprecedented amounts of sensitive data.
The recent update explicitly calls out APIs as a separate attack surface in regulatory guidelines that represents a significant shift in compliance trajectories, and highlights the increased threats that APIs pose to data, systems and people.
Read the whitepaper to learn: