The document outlines 11 critical areas of cybersecurity focus for financial institutions based on a cybersecurity roundtable discussion held in February 2015. The areas include: 1) corporate governance; 2) management of cybersecurity issues; 3) security and risk management resources; 4) shared infrastructure risks; 5) intrusion protection; 6) security testing and monitoring; 7) incident detection and response; 8) ongoing training; 9) management of third-party service providers; 10) business continuity and disaster recovery; and 11) cybersecurity insurance. The document emphasizes that cybersecurity should be viewed as an integral part of overall risk management rather than just an IT issue, and financial institutions should conduct thorough evaluations of their unique cyber threat profiles.