Cybersecurity, Privacy, & AI

Trending Now

Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project

Published on January 22, 2021 • Cyber

Banking Agencies Propose New Reporting Rules for Cyber Incidents

Federal banking agencies are requesting feedback on a joint proposal that would expand and hasten reporting requirements for computer security incidents. The Treasury Department’s Comptroller of the Currency, the Federal Reserve, and the FDIC are seeking to create an “early alert” requirement that covers a wider range of incidents than current regulations cover, and with a tighter timeframe.

An incident requiring notification could include “major computer-system failures, cyber-related interruptions, such as coordinated denial of service and ransomware attacks, or other types of significant operational interruptions.” Banks would need to report an incident no more than 36 hours after they come to “believe in good faith” it has occurred. Bank service providers would have an obligation to “immediately” report such incidents to their bank customers.

Source:

NextGov: Agencies Propose Faster, Broader Reporting of Cyber Incidents for Banks

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.