MBA Releases New White Paper: The Basic Components of an Information Security Program
WASHINGTON, D.C. (October 24, 2019) - The Mortgage Bankers Association (MBA) today released a new white paper, The Basic Components of an Information Security Program, which gives an overview of current information security risks that affect the mortgage industry, as well as explanations of basic components of an information security program intended to help manage those risks.
"MBA continues to be an advocate for our members on cybersecurity issues, and we're committed to educating and helping mortgage businesses identify emerging information security threats," said Rick Hill, Executive Vice President of MISMO ® and Vice President of Industry Technology at the Mortgage Bankers Association. "Our white paper gives mortgage professionals a better understanding of current risks, and offers high priority cybersecurity actions they can take to keep their information, systems and networks safe and secure." MBA's white paper offers several recommendations for mortgage companies to consider when developing a cohesive information security program for their business. They include:
- Reviewing current laws and regulations that focus on consumer and data privacy as well as vendor management;
- Performing a risk assessment to better understand the current and potential information security threats that may impact the company;
- Completing an asset inventory of company data, equipment, and software;
- Having a plan for restoring business operations during or after a disaster or other business-impacting event;
- Providing proper information security training to employees; and
- Implementing a vendor risk management program that includes a list of vendor relationships and the risks posed by each vendor.
A copy of the white paper can be found here.