January 13, 2017

Agencies extend comment period for advance notice of proposed rulemaking on enhanced cyber risk management standards

  • Board of Governors of the Federal Reserve System
  • Federal Deposit Insurance Corporation
  • Office of the Comptroller of the Currency

For release at 2:00 p.m. EST

The Federal Reserve Board, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation on Friday extended until February 17, 2017, the comment period for the advance notice of proposed rulemaking on enhanced cyber risk management standards for large and interconnected entities under their supervision and those entities' service providers.

The agencies are considering five categories of cyber standards: cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness.

Originally, comments were due by January 17, 2017. The agencies extended the comment period to allow interested persons more time to analyze the issues and prepare their comments.

Media Contacts:
Federal Reserve Board
Darren Gersh
202-452-2955
FDIC
Julianne Fisher Breitbeil
202-898-6895
OCC
Stephanie Collins
202-649-6870
Last Update: January 13, 2017