Inside Cybersecurity

March 28, 2024

Daily News

Regulators publish 36-hour incident notice proposal, kicking off 90-day comment period

By Charlie Mitchell / January 12, 2021

A proposed requirement for financial entities to report cybersecurity incidents within 36 hours was published today in the Federal Register, starting a 90-day public comment period on a rule that federal regulators say will not impose an undue burden on industry.

Described as an “early alert” for regulators, the proposed rule “would require a banking organization to provide its primary federal regulator with prompt notification of any ‘computer-security incident’ that rises to the level of a ‘notification incident.’ The proposed...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.