Agencies Extend Comment Period for Advance Notice of Proposed Rulemaking on Enhanced Cyber Risk Management Standards


On January 13, 2017, the Federal Reserve Board, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation changed, from January 17, 2017 to February 17, 2017, the deadline for comments “for the advance notice of proposed rulemaking on enhanced cyber risk management standards for large and interconnected entities under their supervision and those entities’ service providers.” Cyber standards are being contemplated in five areas: “cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness.” Federal Reserve Release. OCC Release. FDIC Release.