Minnesota’s Nonbank Data Security Law (Minnesota Statutes Chapter 46A), passed by the 2024 Minnesota Legislature, adopts a model law proposed by the Conference of State Bank Supervisors (CSBS). The law tracks the updated federal Safeguards Rule.
Communications
CSBS Cyber Hygiene Awareness Campaign for Financial Institutions
CSBS has developed series of resources that will be shared throughout the upcoming year to promote the ongoing awareness of cyber hygiene for financial institutions. These communications will be shared on this page via the links below. Please check back periodically for new publications as they are released.
Series 1 - Cyber Hygiene Actions Your Institution Should Take Today [pdf]
Series 2 - End-of-Life Management & Multi-Factor Authentication [zip]
Series 3 - Vulnerability & Patch Management / Event Logging & Threat Detection [zip]
Series 4 - Cybersecurity Awareness Training & IT Asset Management (ITAM) [zip]
Series 5 - Data Backup & Threat Intelligence [zip]
Series 6 - TPRM & Incident Response [zip]
CISA - Safeguarding Our Critical Infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence, released guidance to assist critical infrastructure owners and operators to detect and mitigate efforts by foreign intelligence entities to disrupt U.S. critical infrastructure.
Get a copy of the document here [PDF]
Updated Nonbank Ransomware Self-Assessment Tool (R-SAT) – Available now!
Download the updated Nonbank Ransomware Self-Assessment Tool (R-SAT) today to evaluate your institution’s cybersecurity posture. This critical and repeatable cybersecurity tool is easy to use, and designed to assist nonbank companies of all sizes assess their readiness for ransomware attacks. This updated Nonbank R-SAT was developed collaboratively by CSBS, state bank examiners, the Bankers Electronic Task Force, and the U.S. Secret Service in response to the increasing cyber threat environment and evolutions in company control environments.
Link to the updated Ransomware Self-Assessment Tool (R-SAT)