Our businesses are highly dependent on the security and efficacy of our infrastructure, computer and data management systems, as well as those of third parties with whom we interact or on whom we rely. Our businesses rely on the secure processing, transmission, storage and retrieval of confidential, proprietary and other information in our computer and data management systems and networks, and in the computer and data management systems and networks of third parties. In addition, to access our network, products and services, our customers and other third parties may use personal mobile devices or computing devices that are outside of our network environment and are subject to their own cybersecurity risks, which may provide a point of entry for adverse effects on our own network environment.
We, as well as our customers, regulators, third-party service providers, and other third parties with whom we do business, have been subject to, and are likely to continue to be the target of, cyberattacks. These cyberattacks include computer viruses, malicious or destructive code, ransomware, phishing attacks, denial of service or other security breaches that could result in the unauthorized release, gathering, monitoring, misuse, loss or destruction of confidential, proprietary or personal data. As cyber threats continue to evolve, we have been and will continue to be required to expend significant resources to continuously enhance our protective measures and may be required to expend significant resources to investigate and remediate any information security vulnerabilities or incidents. We could continue to experience cyberattacks, and we acknowledge that we cannot implement guaranteed preventive measures against all security threats. Additionally, a security breach may be difficult to detect, even after it occurs, which may compound the issue related to such breach.
Continued geopolitical and geographical turmoil, including the ongoing conflicts in Ukraine and the Middle East, as well as increasing tensions in the South China Sea, has heightened the risk of cyberattacks and has created new risks for cybersecurity. For example, the U.S. government has warned that sanctions imposed against Russia by the United States in response to its conflict with Ukraine could motivate Russia to engage in malicious cyber activities against the United States. In addition, the U.S. government has warned that Iran may pose an increased cyber threat to U.S. critical infrastructure, such as the financial services sector, as the conflicts in the Middle East continue. If such cyberattacks occur, it could result in severe costs and disruptions to governmental entities and companies and their operations. The impact of the conflict and retaliatory measures is continually evolving and cannot be predicted with certainty. FCB has a higher risk of being impacted by geopolitical events due to FCB's expanded geographic footprint and increased prominence. Our Enterprise Cyber Security Office ("ECSO") continues in its efforts to closely monitor changes in the threat landscape.
Cybersecurity risks for large banking institutions, such as FCB, have significantly increased in recent years in part because of the proliferation of new technologies, including generative AI, the use of the internet and mobile banking to conduct financial transactions, and the increased sophistication of criminal activities. In March 2024, the U.S. Treasury cautioned financial institutions with respect to AI vulnerabilities and threat-actor capabilities, and in September 2024, the DOJ updated guidance to prosecutors in their investigations of corporations, including an expectation of corporations having conducted risk assessments regarding use of new technologies like AI. Refer to Item 1. Business-Regulatory Considerations-Artificial Intelligence for additional information. Cyberattacks involving LFIs, including distributed denial of service attacks designed to disrupt external customer-facing services, nation state cyberattacks and ransomware attacks designed to deny organizations access to key internal resources or systems or other critical data, as well as targeted social engineering and phishing email and text message attacks designed to allow unauthorized persons to obtain access to an institution's information systems and data or that of its customers, are becoming more common and increasingly sophisticated. In particular, there has been an observed increase in the number of distributed denial of service attacks against the financial sector in recent years, which increase is believed to be partially attributable to politically motivated attacks as well as financial demands coupled with extortion. These risks are expected to continue and further intensify in the future. Even the most advanced control environment may be vulnerable to compromise given the possibility of employee error, failures to follow security procedures or malfeasance. Additionally, the increase of supply chain attacks, including potential attacks on third parties with access to our data or those providing critical services to us, remain an operational risk. As cyber threats continue to evolve, we may be required to expend significant additional resources to continue to modify or enhance our layers of defense or to investigate and remediate any information security vulnerabilities. Furthermore, past and future business transactions (such as acquisitions or integrations) could expose us to additional cybersecurity risks and vulnerabilities, as our systems could be negatively affected by vulnerabilities present in acquired or integrated entities' systems and technologies.
We also face indirect technology, cybersecurity and operational risks relating to customers and other third parties with whom we do business or upon whom we rely to facilitate or enable our business activities, including financial counterparties; financial intermediaries such as clearing agents, exchanges and clearing houses; vendors and other external dependencies; regulators; and providers of critical infrastructure such as internet access and electrical power. As a result of increasing consolidation, interdependence and complexity of financial entities and technology systems, an event that materially degrades, or disrupts systems of one or more financial entities could have a material impact on counterparties or other market participants, including us. This consolidation interconnectivity and complexity increases the risk of operational failure, for both individual and industry-wide bases, as disparate systems need to be integrated, often on an accelerated basis. Any third-party technology failure, cyberattack or other information or security breach, termination or constraint could, among other things, adversely affect our ability to effect transactions, service our customers, manage our exposure to risk or expand our businesses.
Cyberattacks or other information or security breaches, whether directed at us or third parties, may result in a material loss or have material consequences. Furthermore, the public perception that a cyberattack on our systems has been successful, correct or not, may damage our reputation with customers and third parties. A successful penetration or circumvention of system security could cause us negative consequences, including loss of customers and business opportunities, disruption to our operations and business, misappropriation or destruction of our confidential information and that of our customers, or damage to our customers' and third parties' computers or systems. In addition, such penetration or circumvention could result in a violation of applicable data privacy and protection laws and other laws, litigation exposure, regulatory fines, penalties or intervention, loss of confidence in our security measures, reputational damage, reimbursement or other compensatory costs and additional compliance costs. The consequences and results of any such penetration or circumvention could adversely impact our results of operations, liquidity and financial condition.
Although to date we are not aware of any material losses or other material consequences relating to technology failure, cyberattacks or other information or security breaches, whether directed at us or third parties, we may suffer such losses or other consequences in the future. Additionally, insurance coverage may not be available for such losses or, where available, such losses may exceed insurance limits.