Federal financial regulators propose computer-security incident notification for banks

Sindhu Ajay reports:

The US Office of the Comptroller of the Currency, the Federal Reserve Board, and the Federal Deposit Insurance Corporation Friday proposed a new computer-security incident notification requirement for banking organizations and their bank service providers.

The proposed rule would require a banking organization to provide its primary federal regulator a prompt notification of any “computer-security incident” no later than 36 hours after it believes the incident occurred.

Read more on JURIST.

ModMed revealed they were victims of a cyberattack in July. Then some data showed up for sale.
Confidence in ransomware recovery is high but actual success rates remain low
Protected health information of 462,000 members of Blue Cross Blue Shield of Montana involved in Conduent data breach
Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns

Related: