Data breaches cost financial intuitions an average of $5.97 million in 2021 and 2022, with health care being the only sector with a higher cost per breach, according to a report released yesterday by IBM Security.
A majority of data breaches during 2021—73%—were perpetrated by external actors, according to findings from Verizon’s latest global data breach investigations report.
ABA and a coalition of financial services groups today called for extensive changes to a proposal by the Securities and Exchange Commission that would create new requirements for public companies regarding the disclosure of cybersecurity incidents.
A majority of the nation’s small business owners—78%—say they are concerned about the threat of a Russian cyberattack in light of recent news coverage, according to new survey data released by Provident Bank.
With a joint agency final rule requiring banks to notify their primary regulatory within 36 hours of becoming aware of computer security incidents that are considered “notification incidents” taking effect on May 1, the OCC today issued a bulletin reminding banks of their notification responsibilities and specifying points of contact.
The federal banking agencies today finalized a rule requiring banks to notify their primary regulator within 36 hours of becoming aware that a “computer-security incident” that rises to the level of a “notification incident,” has occurred.
In a joint letter to Senate Intelligence Committee leaders today, ABA and two financial trade groups said that several provisions in the Cyber Incident Notification Act of 2021 conflict with cybersecurity requirements already in place for financial institutions.
Almost half of data breaches in the financial services industry during 2020—44%—were the result of mostly accidental actions taken by internal actors, such as sending emails to the wrong people, which accounted for 55% of all error-based breaches, according to findings from Verizon’s latest global data breach investigations report.
A new proposal by the federal banking agencies requiring that banks notify their primary regulator within 36 hours after developing a good-faith belief of a “computer-security incident” or “notification” incident could impose a significant reporting burden, ABA and three other financial trades cautioned in a letter yesterday.
The American Bankers Association yesterday filed an amicus brief in the Texas state court case of Visa v. Sally Beauty Holdings.