While large financial institutions have long been tasked with navigating strict cybersecurity regulations, examiners traditionally provided smaller financial organizations and service providers more latitude in handling cyber incidents. However, in 2022, the rules have changed.
A new joint final rule issued by the Federal Deposit Insurance Corporation (FDIC), Federal Reserve Banks (FRB), and Office of the Comptroller of the Currency (OCC), called the Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers, went into effect in May 2022. Kristen Yang, Senior SOC Analyst, explains who it applies to, its requirements and how MDR can help you meet them.
For more information, check out: