Banks ordered to promptly flag cybersecurity incidents under new US rule

Cyber printed

US banking regulators have finalized a rule that directs banks to report any major cybersecurity incidents to the government within 36 hours of discovery.

Separately, the banking industry said it had successfully completed a massive cross-industry cyber security drill that aims to ensure Wall Street knows how to respond in the event of a ransomware attack that threatens to disrupt a range of financial services.

The developments highlight the growing threat large-scale cyber incidents pose to financial stability.

“The financial services industry is a top target, facing tens of thousands of cyberattacks each day,” said Kenneth Bentsen, Chief Executive Officer of the Securities Industry and Financial Markets Association, which organized and led the industry drill.

The new bank rule stipulates that banks must notify their primary regulator of a significant computer security breach as soon as possible, and no later than 36 hours after discovery.

Banks also must notify customers as soon as possible of a cybersecurity incident if it results in problems lasting more than four hours.

The new requirement applies to any cybersecurity incidents that are expected to materially impact a bank’s ability to provide services, conduct its operations or undermine the stability of the financial sector. The rule was approved by the Federal Reserve, Federal Deposit Insurance Corporation and Office of the Comptroller of the Currency.

Related Article:
Paytm eyes an IPO by end of October, hopes to break even in 18 months

It sets explicit expectations on how quickly banks must make cybersecurity breaches known, as regulators look to catch up to the rapidly growing role technology is playing in every type of banking service. Previously, there was no specific requirement for how quickly a bank must report a major computer breach.

The team at Platform Executive hope you have enjoyed the ‘Banks ordered to promptly flag cybersecurity incidents under new US rule‘ article. Automatic translation from English to a growing list of languages via Google AI Cloud Translation. Initial reporting via our official content partners at Thomson Reuters.

You can stay on top of all the latest developments across the platform economy, find solutions to your key challenges and gain access to our problem-solving toolkit and proprietary databases by becoming a member of our growing community. For a limited time, our subscription plans start from just $16 per month.

Share this Article