FFIEC's DDoS Guidelines: An Analysis

Neustar's Rodney Joffe on New Guidelines for Banking Institutions
FFIEC's DDoS Guidelines: An Analysis

The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.

See Also: 10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys

Joffe, senior vice president and senior technologist and DDoS solutions vendor Neustar, says these new guidelines are a milestone - he has never seen government agencies address DDoS risks so thoroughly with regulated entities. And the timing of release, he believes, is no coincidence.

"[The statement] obviously comes about as a result of the attacks we saw [on banks] two, two-and-a-half years ago," Joffe says. "But it has nothing to do with those attacks per se. It has to do with the fact that the federal government really got a wake-up call, as did the private sector, during that set of DDoS attacks. And they've now decided that the sector most likely to be sympathetic and responsive to this ... is the financial sector."

In an interview about banking regulators' new statement on DDoS, Joffe discusses:

  • Why the FFIEC chose now to issue guidelines;
  • The substance of expectations for banking institutions;
  • How banks and credit unions should assess and mitigate their risks.

As SVP & Senior Technologist at Neustar, Joffe is responsible for defining and guiding the technical direction of the company's Neusentry security offering as well as heading the company's cybersecurity initiatives. Joffe joined Neustar in 2006 after the acquisition of UltraDNS Corporation, a directory services company, he founded in 1999. Prior to founding UltraDNS, Joffe was the founder and CTO of Genuity, one of the largest Internet Service and Hosting Providers in the world.


About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 28 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from the North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global Summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.