Alexander Boyd and Colin H. Black of Polsinelli PC write:
On February 16, 2023, the National Credit Union Administration (“NCUA”) unanimously approved a final rule that requires a federally-insured credit union to report “reportable cyber incidents” to the NCUA as soon as possible, and in no event later than 72 hours after the credit union reasonably believes that it has experienced a reportable cyber incident. The final rule becomes effective later this year, on September 1, 2023. Credit Unions should implement measures now to ensure they are prepared for the upcoming expanded obligations.
Read more at The National Law Review.