Federal Banking Agencies Propose Required Cyber Incident Notifications

In this episode of S&C’s Critical Insights podcast, Jared Fishman, a partner in S&C’s Financial Services and Capital Markets Groups, and Tony Lewis, special counsel in S&C’s Litigation Group and Cybersecurity practice, discuss a rule proposed by the Federal Reserve, the OCC and the FDIC to address cybersecurity incidents. The proposed rule would require banking organizations to notify their regulator of certain kinds of cybersecurity incidents, and also require bank service providers to notify their...

In this episode of S&C’s Critical Insights podcast, Jared Fishman, a partner in S&C’s Financial Services and Capital Markets Groups, and Tony Lewis, special counsel in S&C’s Litigation Group and Cybersecurity practice, discuss a rule proposed by the Federal Reserve, the OCC and the FDIC to address cybersecurity incidents. The proposed rule would require banking organizations to notify their regulator of certain kinds of cybersecurity incidents, and also require bank service providers to notify their banking-organization customers when they experience cybersecurity incidents.

 

Jared and Tony discuss some of the background for this proposal, the new requirements this proposal would impose, and takeaways for organizations that could be affected.