US banking regulators have proposed new cyber security standards to protect the financial services industry from cyber attacks and technology failures.

The proposed rules, to be finalised after industry input, have been framed by the Federal Reserve Board, the Federal Deposit Insurance, and the Office of the Comptroller of the Currency.

The rules will cover US and foreign banks operating in the country with assets of $50bn or more, financial market infrastructure companies and nonbank financial companies.

Under the new rules, banks would have to deploy sophisticated controls that will allow them to recover from a cyberattack within two hours.

The rules also require financial providers to develop a cybersecurity risk management plan and include it in their business strategies.

“Covered entities would be required to be capable of operating critical business functions in the face of cyber-attacks and continuously enhance their cyber resilience. In addition, covered entities would be required to establish processes designed to maintain effective situational awareness capabilities to reliably predict, analyze, and respond to changes in the operating environment,” the regulators said.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.