US regulators seek to tighten cyber incident reporting

New federal rule, mindful of Covid, will force firms to report serious incidents within 36 hours

hack-attack
Stolen credentials are one of the primary gateways for cyber criminals to gain access to systems

US regulators are zeroing in on the design of banks’ critical incident response protocols as a key means of ensuring the safety and soundness of the financial system. High-profile threats from malicious actors affecting banks and their service providers can quickly erode confidence in the current climate.

Although the Bank Service Company Act already allows a bank’s primary federal regulator to examine bank operations performed by third parties, it contains no notification requirement in the

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact [email protected] to find out more.

To continue reading...

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: