Faster, more comprehensive breach notification requirements proposed

The proposed rule would, among other things, require banks to notify their primary regulators of a triggering incident as soon as possible, and no later than 36 hours after learning that the incident occurred, and would require banking service providers to notify affected bank customers immediately after experiencing a security incident that disrupts or impairs services for four hours or more. The proposed rule would fundamentally change a bank’s current notification obligations. [Continue]

The year ahead: Privacy and cybersecurity issues

The financial services industry faced unprecedented cybersecurity and privacy challenges in 2020. From learning how to operate with a remote workforce to facing an exponential rise in the number and sophistication of cyberattacks, the resilience of financial institutions was tested to its limits. These challenges continue, yet 2021 brings a new set of challenges that are likely to substantially impact financial services companies in the year ahead. [Continue]