January 13, 2017
Agencies extend comment period for advance notice of proposed rulemaking on enhanced cyber risk management standards
- Board of Governors of the Federal Reserve System
- Federal Deposit Insurance Corporation
- Office of the Comptroller of the Currency
For release at 2:00 p.m. EST
The Federal Reserve Board, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation on Friday extended until February 17, 2017, the comment period for the advance notice of proposed rulemaking on enhanced cyber risk management standards for large and interconnected entities under their supervision and those entities' service providers.
The agencies are considering five categories of cyber standards: cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness.
Originally, comments were due by January 17, 2017. The agencies extended the comment period to allow interested persons more time to analyze the issues and prepare their comments.