ICBA seeks updates to cyber reporting bill

Oct. 20, 2021

ICBA advocated updates to bipartisan legislation that would create a cyber incident reporting regime to avoid excessive burdens on community banks.

Background: The Cyber Incident Reporting Act (S. 2875) would establish a cyber incident response office at the Cybersecurity and Infrastructure Security Agency and require critical infrastructure, including financial institutions, to report cyber incidents within 72 hours.

ICBA Position: In a letter to lawmakers, ICBA:

Expressed support for the bill’s goal of improving information sharing between CISA and the private sector and harmonizing the regime with existing regulations.
Advocated loosening the 72-hour reporting timeline, expanding public-private information sharing, and removing duplicative penalties.

Next: The act is one of three bipartisan cyber incident reporting bills lawmakers are considering for inclusion in the 2022 National Defense Authorization Act.

Interested in discussing this and other topics? Network with and learn from your peers with the app designed for community bankers. Join the conversation with ICBA Community.

NewsWatch Today Contacts

Thomas Warren

Vice President, Communications

Nicole Swann

Vice President, Communications

ICBA seeks updates to cyber reporting bill

NewsWatch Today Contacts

Related News

CISA releases proposal on cyber reporting standards

Agencies issue fact sheet on ‘Volt Typhoon’ risks

Agencies disrupt LockBit ransomware group

Agencies issue guidance on using AI securely