US orders banks to report cybersecurity incidents in 36hrs

By BizClik Admin
US banking regulators have finalised a rule that directs banks to report any major cybersecurity incidents to the government within 36 hours of discovery.

A new rule for US banks stipulates that they must notify their primary regulator of a significant computer security breach as soon as possible and no later than 36 hours after discovery. Banks must  also notify customers as soon as possible of a cybersecurity incident if it results in problems lasting more than four hours.

The new requirement, reported by Reuters, applies to any cybersecurity incidents that are expected to materially impact a bank's ability to provide services, conduct its operations or undermine the stability of the financial sector. The rule was approved by the Federal Reserve, Federal Deposit Insurance Corporation and Office of the Comptroller of the Currency.

It sets explicit expectations on how quickly banks must make cybersecurity breaches known, as regulators look to catch up to the rapidly growing role technology is playing in every type of banking service. Previously, there was no specific requirement for how quickly a bank must report a major computer breach.

The new rules are part of a number if initiatives by the banking industry to be more alert to cyber threats. The industry has also successfully completed a cross-industry cybersecurity drill that aims to ensure Wall Street knows how to respond in the event of a ransomware attack that threatens to disrupt a range of financial services.

The developments highlight the growing threat large-scale cyber incidents pose to financial stability.

“The financial services industry is a top target, facing tens of thousands of cyberattacks each day," said Kenneth Bentsen, CEO of the Securities Industry and Financial Markets Association (Sifma), which organised and led the industry drill.

Rise in financial sector cyberattacks

Cyberattacks against major financial institutions have grown significantly in recent years. An analysis in 2015 found that financial organisations were targeted four times more than other industries. Only four years later, financial firms experienced as many as 300 times more cyberattacks than other companies.

Those located in the United States were the most targeted, accounting for over a quarter (55 of 207) of major global cyberattacks against financial services, according to the FinCyber Project by the Carnegie Endowment for International Peace and BAE Systems Applied Intelligence.

Increasingly attacks are perpetrated by Advanced Persistent Threat (APTs) actors. These sophisticated, sustained attacks are meant to infiltrate networks and conduct long-term operations, such as spying or data exfiltration. Unlike an opportunistic cyber-attack, in which the perpetrator seeks to “get in and get out” for some immediate payoff, an effective APT will skirt a system’s security and remain undetected for a prolonged period. A cyberattack on a bank can devastate its customers and systems; and a cyberattack on the US Treasury, which SolarWinds came dangerously close, could bring down the country.  

 

Share

Featured Articles

Founder Shield MD on Navigating Multi-Cloud Complexities

Founder Shield Managing Director Jonathan Selby talks strategies to navigating the complexities of multi-cloud set ups

Qodea CISO Explains How Cyber Threats Could Outrun Cost

Qodea CISO Business Manager Ed Russell explains how growth in sophistication and volume of attacks means current investment in defences falls short

Nokia and NL-ix Deploy Europe’s Largest IXP-Based Anti-DDoS

This collaboration between Nokia and NL-ix is unprecedented both being Largest IXP-Based Anti-DDoS, but the first anti-DDoS solution deployed by an IXP

Bridging the Gap: Examining the UK-US Data Bridge

Data Breaches

Hiddenlayer CSO Tells Why It Made an AI Security Council

Technology & AI

Cooperation Key Theme at Microsoft Endpoint Security Summit

Cyber Security