April 18, 2024
Daily News
Credit union regulator proposes 72-hour incident reporting rule, sets requirements for third-party vendors
The National Credit Union Administration has issued a proposal to require firms under its jurisdiction to report cybersecurity incidents within 72 hours, matching the timeline in a new law for certain critical infrastructure operators but deciding to move ahead of a CISA rulemaking to implement the law given the severity of the threat.
“The [NCUA] Board believes that it would be imprudent in light of the increasing frequency and severity of cyber incidents to postpone a notification requirement until after...