The Federal Financial Institutions Examination Council (FFIEC)

The Federal Financial Institutions Examination Council (FFIEC) requires that financial institutions should implement an ongoing security process and institute appropriate governance for the security function, assigning clear and appropriate roles and responsibilities to the board of directors, management, and employees.

Financial institutions must maintain an ongoing information security risk assessment program that effectively:

  • Gathers data regarding the information and technology assets of the organization, threats to those assets, vulnerabilities, existing security controls and processes, and the current security standards and requirements
  • Analyzes the probability and impact associated with the known threats and vulnerabilities to their assets
  • Prioritizes the risks present due to threats and vulnerabilities to determine the appropriate level of training, controls, and assurance necessary for effective mitigation

A strategy should be developed that defines control objectives & establishes an implementation plan. Security strategies should include:

  • Appropriate consideration of prevention, detection, and response mechanisms
  • Implementation of the least permissions and least privileges concepts
  • Layered controls that establish multiple control points between threats and organization assets
  • Policies that guide officers and employees in implementing the security program

As you strive to achieve, exceed and maintain FFIEC guidelines, you’re likely considering the following solutions:

Managed Detection and Response

Comprehensive solutions to detect, prioritize, and address security incidents.

Managed Security Services

24 X 7 X 365 monitoring, management, and system maintenance.

Email Protection Suite

Monitor and manage your email environment with advanced email security and compliance protections.

Cloud Email and Collaboration

Cloud office productivity enhanced with proven security and compliance protection.

Compliance & Risk Services

Assuring security constructs are well-suited to current and future regulatory demands.

Incident Response Readiness

Guidance to manage the complexity of response to a cyber incident.

Why Is SilverSky Your Partner for Achieving FFIEC Guidelines?


  • For two decades, we have served more than 1,500 small to mid-sized financial institutions and have been held to the same stringent compliance regulations as many of our clients. SilverSky understands the financial services industry and provides purpose-built compliance and risk management solutions
  • We deliver technology that offers a holistic view of security across your company, not just a single technology area that point products provide
  • We provide flexible and easy reporting across your entire security architecture making compliance reporting much easier
  • We help streamline and centralize your monitoring and management. This means your IT teams are more efficient and free to perform functions that increase your overall security
  • We lessen the strain of technical and human resource complexity so you can continue to grow and add new services while being safe in the knowledge your defenses are stronger than ever









“SilverSky has helped our end users be more productive and secure and we’re very happy with the high availability levels and outstanding support that we receive from SilverSky.”

-Director, End User Services

Managed Detection and Response ebook

Revisiting Cybersecurity’s Delicate Balance

This eBook explores cybersecurity’s delicate balance.

Cabrillo Credit Union Case Study

Case Study - Cabrillo Credit Union

San Diego-based Cabrillo Credit Union is a regional credit union serving more than 25,000 members across the country.

Schedule a Demo

Managed Security Services

Your around the clock SOC.

Managed Endpoint Detection and Response

Some attacks will succeed. Don’t worry—we have you.

Managed Detection and Response

Augment your IT team using our expertise and the latest technologies.

Email Protection Suite

Defending against the leading attack vector.

Cloud Email and Collaboration

More than ever, the cloud is essential.

Incident Response Readiness

When a breach occurs, you’ll be ready.

Compliance & Risk Services

Take the next steps on your cybersecurity maturity journey.

Trusted Cybersecurity for an Uncertain World

Understand, detect, and effectively respond to threats, reduce business risk and improve the return on your security investment.

Financial Services

We comply with the same regulations you do.


Affordable defenses for a sector under attack.


SilverSky stands between cybercriminals and your customers’ data.

Benefits of a Single Vendor Relationship

The Cooperative Bank of Cape Cod found itself especially appreciative of SilverSky’s comprehensive solution set—particularly as they rapidly, but securely, enabled employees to work remotely.


Automated Cybersecurity Examination Tool


Health Insurance Portability and Accountability Act


Payment Card Industry Data Security Standard


Federal Financial Institutions Examination Council


Gramm-Leach-Bliley Act

ACET Helps Credit Unions Further Their Missions

Learn how going all in for ACET protects customers and the health of community-based financial services.


Articles, guides, ebooks, tools, on-demand webinars, case studies, and more. Explore a range of topics.

Press & Events

Press releases, upcoming conferences and trade shows, and future and on-demand webinars

Revisiting Cybersecurity’s Delicate Balance

Learn how CISOs are rebalancing prevention, detection, and response for stronger cyber defenses.

About Us

Trusted cybersecurity for an uncertain world.


Looking to join the fight against cybercriminals?

Security Management Console

Comprehensive customer portal for state of devices, reports for compliance, support tickets, and more.

Transforming Cybersecurity Culture from Corner Offices to Cubicles

Executives are increasingly thinking about cybersecurity management in a similar manner as they would any other risk assessment. This guide is here to help.