ABA and a coalition of financial services groups today called for extensive changes to a proposal by the Securities and Exchange Commission that would create new requirements for public companies regarding the disclosure of cybersecurity incidents.
Browsing: Data breach
A majority of the nation’s small business owners—78%—say they are concerned about the threat of a Russian cyberattack in light of recent news coverage, according to new survey data released by Provident Bank.
With a joint agency final rule requiring banks to notify their primary regulatory within 36 hours of becoming aware of computer security incidents that are considered “notification incidents” taking effect on May 1, the OCC today issued a bulletin reminding banks of their notification responsibilities and specifying points of contact.
The federal banking agencies today finalized a rule requiring banks to notify their primary regulator within 36 hours of becoming aware that a “computer-security incident” that rises to the level of a “notification incident,” has occurred.
In a joint letter to Senate Intelligence Committee leaders today, ABA and two financial trade groups said that several provisions in the Cyber Incident Notification Act of 2021 conflict with cybersecurity requirements already in place for financial institutions.
Almost half of data breaches in the financial services industry during 2020—44%—were the result of mostly accidental actions taken by internal actors, such as sending emails to the wrong people, which accounted for 55% of all error-based breaches, according to findings from Verizon’s latest global data breach investigations report.
A new proposal by the federal banking agencies requiring that banks notify their primary regulator within 36 hours after developing a good-faith belief of a “computer-security incident” or “notification” incident could impose a significant reporting burden, ABA and three other financial trades cautioned in a letter yesterday.
The American Bankers Association yesterday filed an amicus brief in the Texas state court case of Visa v. Sally Beauty Holdings.
A new proposed rule by the federal banking agencies would require banks to notify their primary regulator within 36 hours of becoming aware that a “computer-security incident” or “notification incident” has occurred.
A major cyberattack announced over the weekend on SolarWinds—a security vendor that serves a wide range of military, private companies, government agencies, and academic institutions—may have allowed hackers to gain access to the emails, systems and data of several of its clients, including the Treasury and Commerce Departments, among others.