web analytics

US SEC Approves Wall Street Data Breach Reporting Regs – Source: www.databreachtoday.com

us-sec-approves-wall-street-data-breach-reporting-regs-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author: 1

Finance & Banking
,
Industry Specific
,
Standards, Regulations & Compliance

Covered Financial Institutions Have 30 Days to Notify Customers of Data Breaches

Chris Riotta (@chrisriotta) •
May 17, 2024    

US SEC Approves Wall Street Data Breach Reporting Regs
Broker-dealers and other investment firms will have 30 days to notify clients of data breaches under new U.S. regulations. (Image: Shutterstock)

U.S. federal regulators tightened data security regulations on Wall Street, approving on Thursday regulations requiring companies to notify clients within 30 days of detecting a data breach and to ensure they have a program to detect and respond to hackers.

See Also: Software Supply Chain Platform for Financial Services

The Securities and Exchange Commission unanimously voted to approve amendments to Regulation S-P – better known as the safeguards rule – which regulates how broker-dealers and investments advisers oversee and protect consumer data. The updated regulations require covered institutions to provide notice to customers if their information was compromised by an unauthorized user “as soon as practicable” but not later than 30 days after becoming aware of a cyber incident

SEC Chair Gary Gensler said regulators haven’t updated the safeguards rules since they took effect in 2000. The new rules will “make critical updates” that “help protect the privacy of customers’ financial data.”

“Over the last 24 years, the nature, scale and impact of data breaches has transformed substantially,” Gensler said.

According to the SEC, the updates aim to “modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information” by covered institutions. The regulations also direct investment companies and advisers to address the growing use of technology “and the risks it imposes” across the financial sector.

The SEC voted in July 2023 to require publicly traded companies to disclose “material cybersecurity incidents” within four days of discovery (see: SEC Votes to Require Material Incident Disclosure in 4 Days).

The latest incident reporting requirements will take effect 60 days after their publication in the Federal Register, and larger entities will have 18 months after that date to ensure compliance. Smaller entities will have 24 months to comply with the new rules.

Original Post url: https://www.databreachtoday.com/us-sec-approves-wall-street-data-breach-reporting-regs-a-25268

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas...
CISO2CISO Notepad Series
How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?
How Can We Structure Cybersecurity...
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by...
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response...
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

the Department of the Environment Climate and Communications
Guidelines on CyberSecurity Specifications
Guidelines on CyberSecurity Specifications
Security METRICS
Security Metrics Guide to PCI DSS Compliance
Security Metrics Guide to PCI...
SOC TIPS Cybersecurity
Guia de Resposta a Incidentes de Segurança para LGPD
Guia de Resposta a Incidentes...
CDCP
FIREWALL Audit CHECKLIST
FIREWALL Audit CHECKLIST
GitGuardian
Secrets Management Maturity Model
Secrets Management Maturity Model
MegaCorp One
Sample Penetration Test Report
Sample Penetration Test Report
FORTINET
Routing in FortiGate
Routing in FortiGate
FUTURE OF PRIVACY FORUM
Risk Framework Body Related Data (PD) Immersive Tech
Risk Framework Body Related Data...
ENISA
Remote ID Proofing Good Practices
Remote ID Proofing Good Practices
Google
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Why Red TeamsPlay a Central...
Red Canary
Threat Detection Report 2024
Threat Detection Report 2024
HADESS
Pwning the Domain Persistence
Pwning the Domain Persistence

More Latest Published Posts

INCIDENT RESPONSE PLAN
INCIDENT RESPONSE PLAN
NIST CSF 2.0
Incident Response Recommendations and Considerations for Cybersecurity Risk Management
Incident Response Recommendations and Considerations for Cybersecurity Risk Management
GmFaruk
Identity and Access Management Policy
Identity and Access Management Policy
UK HM Government
National Cyber Strategy 2022
National Cyber Strategy 2022
NSA
NSA Network Infrastructure Security Guide
NSA Network Infrastructure Security Guide
NIST
NIST Policy Template Guide
NIST Policy Template Guide
Thecyphere
Malware prevention tips for businesses
Malware prevention tips for businesses
ministry of security
MERGERS AND ACQUISITIONS
MERGERS AND ACQUISITIONS
THE LINUX FUNDATION
Linux Privilege Escalation
Linux Privilege Escalation
LogRhythm
How to build a SOC with limited resources
How to build a SOC with limited resources
Kubernetes
Kubernetes and Cloud Native Associate (KCNA) Study Guide
Kubernetes and Cloud Native Associate (KCNA) Study Guide
Australian Government
Management structures and responsibilities
Management structures and responsibilities
Hacker Combat
How are Passwords Cracked ? by Hacker Combat.
How are Passwords Cracked ? by Hacker Combat.
N/A
Security Metrics & KPIs for Measuring SOC Success – Measure Up: How SOC Metrics Elevate Your Security Posture.
Security Metrics & KPIs for Measuring SOC Success – Measure Up: How SOC Metrics Elevate Your Security Posture.
Sectrio
The Global OT & IoT Threat Landscape Assessment and Analysis rEPORT 2024 by Sectrio Threat Research Lab Initiative.
The Global OT & IoT Threat Landscape Assessment and Analysis rEPORT 2024 by Sectrio Threat Research Lab Initiative.
ISA SECURE
The Case for ISA/IEC 62443Security Level 2 as a Minimumfor COTS Components
The Case for ISA/IEC 62443Security Level 2 as a Minimumfor COTS Components
Huntress
2024 Cyber Threat Report
2024 Cyber Threat Report
NACD - Intenet Security Alliance
2023 Director’s Handbook on Cyber-risk Oversight
2023 Director’s Handbook on Cyber-risk Oversight
Devoteam
14 Cybersecurity Trends for 2024
14 Cybersecurity Trends for 2024
IGNITE Technologies
MEMORY FORENSICS VOLATILITY
MEMORY FORENSICS VOLATILITY
CAREER UP
7 Steps to your SOC Analyst Career
7 Steps to your SOC Analyst Career
National Cyber Security Centrum
Managing Insider Threats
Managing Insider Threats
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
National Security Agency
CSI Cloud Top10 Key Management
CSI Cloud Top10 Key Management
CSA Cloud Security Alliance
Defining the Zero TrustProtect Surface
Defining the Zero TrustProtect Surface
HANIM EKEN
CONTAINER SECURITY INTERVIEW QUESTIONS ANSWERS
CONTAINER SECURITY INTERVIEW QUESTIONS ANSWERS
CNIL
PRACTICE GUIDE GDPR – SECURITY OF PERSONAL DATA Version 2024
PRACTICE GUIDE GDPR – SECURITY OF PERSONAL DATA Version 2024