NR 2001-40
FOR IMMEDIATE RELEASE			
Contact:  Robert M. Garsson (202) 874-5770
April 24, 2001 				    

OCC Advises Banks to Ensure Information Systems Security is Maintained

WASHINGTON, D.C. -- The Office of the Comptroller of the Currency today issued an alert 
outlining steps that national banks should take to protect and maintain network security.  

The alert was prompted by recent National Infrastructure Protection Center (NIPC) reports 
on an increasing number of attacks that target e-commerce activities.  The NIPC reports 
point to known vulnerabilities in hardware and software products as a source of 
unauthorized access to network systems.  

In today's alert, the OCC advises banks to review the NIPC advisories, previously issued 
OCC security guidance, and review their internal controls to safeguard bank information 
systems and unauthorized activities. 

"As banks are increasingly becoming connected to the Internet and provide electronic-
banking products and services, national banks should take the necessary steps to 
implement and maintain secure systems," said Clifford A. Wilke, Director for OCC's Bank 
Technology Division.

"Security maintenance includes identifying new systems vulnerabilities in a timely manner, 
installing software patches or upgrading products to mitigate new threats, and monitoring 
banking systems for unusual activities," Mr. Wilke added.

National banks should proactively review their network systems security to protect their 
systems from unauthorized access and maintain confidentiality of customer information, 
Mr. Wilke said.

# # #


The OCC charters, regulates and examines approximately 2,200 national banks and 56 federal 
branches of foreign banks in the U.S., accounting for more than 55 percent of the nation’s 
banking assets. Its mission is to ensure a safe and sound and competitive national banking 
system that supports the citizens, communities and economy of the United States.