By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Private Banks RankingPrivate Banks Ranking
Notification Show More
Latest News
Bitcoin holds ground amid Binance lawsuit, XRP continues run up, U.S. equities dip
Bitcoin holds ground amid Binance lawsuit, XRP continues run up, U.S. equities dip
Finance
Meta, Google defend Brazilian law on responsibility for internet content
Business
Wall Street ends down with tech; investors assess bank comments
Banking
BM Technologies shakes up its C-suite
BM Technologies shakes up its C-suite
Banking
Bank Crisis ‘Exacerbating Nerves’ in Some Home Buyers and Sellers
Aa
  • Finance
  • Business
  • Banking
  • Investing
  • ETFs
  • Mutual Fund
  • Personal Finance
  • 2022 RANKING
Reading: Credit unions’ 72-hour cyberattack reporting window to take effect Sept. 1
Share
Private Banks RankingPrivate Banks Ranking
Aa
  • Finance
  • Business
  • Banking
  • Investing
  • ETFs
  • Mutual Fund
  • Personal Finance
  • 2022 RANKING
Search
  • Finance
  • Business
  • Banking
  • Investing
  • ETFs
  • Mutual Fund
  • Personal Finance
  • 2022 RANKING
Have an existing account? Sign In
Follow US
© 2022 Foxiz News Network. Ruby Design Company. All Rights Reserved.
Private Banks Ranking > Blog > Banking > Credit unions’ 72-hour cyberattack reporting window to take effect Sept. 1
Banking

Credit unions’ 72-hour cyberattack reporting window to take effect Sept. 1

By Private Banks Ranking 1 month ago
Share
4 Min Read
Credit unions’ 72-hour cyberattack reporting window to take effect Sept. 1
SHARE

The National Credit Union Administration unanimously approved a final rule requiring all credit unions to report cybersecurity attacks within 72 hours after they reasonably believe an incident has occurred, the agency announced Thursday.

The rule will be effective Sept. 1, but the agency will lay out additional guidance before then.

The rule remains largely unchanged from when it was proposed in July, NCUA Chair Todd Harper said, emphasizing the importance of coordination between the NCUA and the Cybersecurity and Infrastructure Security Agency to avoid duplicate reporting.

“Each of us in the financial system has an obligation to protect our nation’s economic and financial infrastructure. And, credit unions must be included in conversations about critical infrastructure, as a whole,” Harper said in a statement.

Banks regulated by the Federal Deposit Insurance Corp., the Office of the Comptroller of the Currency and the Federal Reserve face a tighter reporting window: 36 hours.

“Through these high-level early warning notifications, the NCUA will be able to work with other agencies and the private sector to respond to cyber threats before they become systemic and threaten the broader financial services sector,” Harper said.

The final rule will go into effect months after the Financial Crimes Enforcement Network said U.S. financial institutions reported $1.2 billion worth of ransomware-related filings in 2021.

The NCUA’s rule complies with a cybersecurity law President Joe Biden signed in March 2022, requiring companies to provide notification within 72 hours of learning of a cyberattack.

The 72-hour notification time frame is to provide an early alert and does not require credit unions to give a full assessment of the incident to the NCUA, the board said.

See also  "60/40" portfolios post best start to year since 1991 - BofA

The rule is aimed at cyber incidents “that [lead] to a substantial loss of confidentiality, integrity, or availability of a network or member information system as a result of the exposure of sensitive data, disruption of vital member services, or that has a serious impact on the safety and resiliency of operational systems and processes,” the NCUA said.

“The sooner the agency is aware of an incident, the sooner it can determine whether it is isolated or widespread,” NCUA Vice Chair Kyle Hauptman said Thursday.

The rule is one of the many steps the NCUA has taken to improve cyber resiliency, including the Information Security Examination program launched this year, Harper said.

The NCUA does not supervise third-party vendors, and as such, around $2 trillion in assets are exposed to potential risks, Harper said.

“Unfortunately, cyber risk in the credit union system often lurks in the ether — beyond the NCUA’s purview — within credit union service organizations and third-party service providers that do not have the same level of oversight as bank vendors,” he said.

By restoring the NCUA’s authority over credit union service organizations and third-party vendors, the country’s economic security would receive a boost, Harper said.

“It will also give credit union members the same protection that bank customers currently enjoy,” Harper said, adding that the agency will continue to engage with Congress on the issue.

Source link

You Might Also Like

Wall Street ends down with tech; investors assess bank comments

BM Technologies shakes up its C-suite

Explainer: What are credit default swaps and why are they causing trouble for Europe’s banks?

CFTC sues Binance over compliance ‘evasion’

CFPB’s Chopra: regulators need to assess risks in faster communications

TAGGED: 72hour, credit, cyberattack, effect, reporting, Sept, unions, window
Share this Article
Facebook Twitter Email Print
Share
Previous Article Oxford Purchases Boston Biomanufacturing Facility in $125M Sales Leaseback
Next Article Goldman Sachs, BofA expect three more U.S. rate hikes this year
Leave a comment

Leave a Reply Cancel reply

You must be logged in to post a comment.

Private Banks RankingPrivate Banks Ranking
Follow US

© 2022 Private Banks Ranking- 52-54 Lime Street, EC3, London. All Rights Reserved.

  • Blog
  • Contact
  • Privacy Policy
  • Terms & Conditions
Join Us!

Subscribe to our newsletter and never miss our latest news, podcasts etc..

I have read and agree to the terms & conditions
Zero spam, Unsubscribe at any time.

Removed from reading list

Undo
Welcome Back!

Sign in to your account

Lost your password?