Cyber Incident Notification Requirements for Federally Insured Credit Unions

Title: Cyber Incident Notification Requirements for Federally Insured Credit Unions
Subject: Cyber incident notification
Agency: NCUA
Status:
Proposed rule
Summary:

Due to the increased frequency and severity of cyberattacks on the financial services sector, the NCUA Board is proposing to require a federally insured credit union that experiences a reportable cyber incident to report the incident to the NCUA as soon as possible and no later than 72 hours after the federally insured credit union reasonably believes that it has experienced a reportable cyber incident. This notification requirement provides an early alert to the NCUA and does not require credit unions to provide a detailed incident assessment to the NCUA within the 72-hour time frame.

FR Doc:

2022-16013

Date proposed: July 21, 2022
Comments due date: Sept. 26, 2022
Effective date:

Rule compliance date:
Agency release:
Related Reg Report item(s):

NCUA proposal gives credit unions no more than 72 hours to report cyber incidents

Be the first to comment

Leave a Reply

Your email address will not be published.