The US Department of the Treasury and the Financial Services Sector Coordinating Council (FSSCC) have announced a suite of resources for secure cloud adoption
The US Department of the Treasury and the Financial Services Sector Coordinating Council (FSSCC) have announced a suite of resources for secure cloud adoption. In a bid to support financial services institutions, The US Department of the Treasury and the FSSCC issued a suite of resources to provide them with effective practices for the secure cloud adoption experience.
The announcement follows a year-long public-private collaboration of the Financial and Banking Information Infrastructure Committee (FBIIC) and the FSSCC. In addition, the documents are set to equip financial institutions of all sizes with efficient practices for secure cloud adoption and operations, as well as to develop a continuous effort and alliance to address the gaps identified by the Treasury in its report on the Financial Sector’s Adoption of Cloud Services. Some of them include: Developing a common lexicon that can be used by financial institutions and regulators in discussions regarding cloud; Optimising information sharing and coordination for analysing cloud service providers (CSP); Examining existing authorities for CSP oversight; Creating best practices for third-party risk associated with CSPs, outsourcing, and due diligence processes to foster transparency; Delivering a roadmap for institutions based on comprehensive or hybrid cloud adoption strategies including an update to the Financial Sector’s Cloud Profile; Increase transparency and monitoring of cloud services for optimised security by design. How do authorities plan to support cloud adoption? According to officials, the completion of these efforts follows almost two years of partnership to further protect the US financial system.
Also, it is mentioned that the Cloud Executive Steering Group (CESG), which was established by the US Department of the Treasury in May 2023, is a proven model and new method for the financial services sector to address the most significant cybersecurity difficulties. The CESG model supports a substantial level of public-private partnership between Treasury, FBIIC, FSSCC, and CSPs. In addition, under joint FBIIC and FSSCC leadership, the US Treasury and FSSCC intend to publish more items related to cloud cyber incident response coordination and cloud concentration risk. Furthermore, the collective set of deliverables provided by the FSSCC, including Cloud Profile 2.0, the Financial Sector Cloud Outsourcing Issues and Considerations document, the Transparency and Monitoring for Better Secure-by-Design document, the Cloud Lexicon, and the Coordinated Information Sharing and Examinations Initiative, is set to underline possible opportunities to utilise CESG deliverables into the broader regulatory, oversight, and examination schema.
Additionally, the deliverables aim to solidify the shared responsibility model for cloud services provision in the financial services sector. .
Jul 19, 2024 10:44
Original link