U.S. banks would have no longer than 36 hours after finding a cybersecurity breach to flag the issue to their regulators, under a new rule proposed Friday.
The proposal from U.S. banking regulators would direct banks to notify their primary regulator as soon as possible after a breach is discovered that could impair services or the organization itself. In addition, the rule would direct third-party service providers to promptly tell client banks of any breaches that would impair their services.
Be smart with your money. Get the latest investing insights delivered right to your inbox three times a week, with the Globe Investor newsletter. Sign up today.