Cybersecurity professionals discussing the FFIEC CAT sunset.
Article

FFIEC CAT sunset: A roadmap to a new cybersecurity framework

Authors: Colin Taggart, Taylor Blasco

March 3, 2026 / 5 min read

The FFIEC CAT sunset means financial institutions must begin transitioning to a new cybersecurity framework that better aligns with their size, complexities, and strategic vision. Selecting an approach that strengthens governance, deepens risk alignment, and supports long-term resilience is key.

Leaders in our cybersecurity consulting recently published an article with Bank Director that outlines a practical transition roadmap for management teams. The article covers how to engage a cybersecurity governance committee, compare leading frameworks such as NIST, CSF, CIS Control, CRI Profile, and CISA CPG, and map your existing controls to understand gaps. With cyberthreats evolving faster than ever and increasing the importance of integrating cybersecurity practices into enterprise risk management and strategic planning, this transition provides an opportunity to improve your institution’s transparency with examiners and long-term resilience.

Read the full article here

Related Services:

Consulting Cybersecurity

Related Industries:

Banks Credit Unions Financial Services

Related Thinking

Private equity professionals discussing value creation.
February 25, 2026

Private equity: Driving value creation with data-driven costing

Article 4 min read
Public sector professionals working in a modern office.
February 25, 2026

6 ERP risk management strategies for the public sector

Article 5 min read
Business professionals in a conference room discussing FFIEC CAT sunset
December 16, 2024

FFIEC CAT sunset: Considerations for choosing a new cybersecurity framework

Article 6 min read