Banking regulators extend comments on cyber risk standards proposal

Comments on an enhanced cyber risk management standards proposal by the three federal banking regulators are now due Feb. 17, rather than tomorrow (Jan. 17), the agencies announced Friday. According to a release, the Federal Reserve, OCC and the FDIC are extending the comment period on the advance notice of proposed rulemaking by one month to “allow interested persons more time to analyze the issues and prepare their comments.” Under consideration by the three agencies for large and interconnected entities under their supervision and those entities’ service providers are five categories of cyber standards:  cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness.

Joint release: Agencies Extend ANPR comment period on enhanced cyber risk management standards