The Federal Reserve Board, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation on Friday extended until February 17, 2017, the comment period for the advance notice of proposed rulemaking on enhanced cyber risk management standards for large and interconnected entities under their supervision and those entities' service providers.
The agencies are considering five categories of cyber standards: cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness.
Originally, comments were due by January 17, 2017. The agencies extended the comment period to allow interested persons more time to analyze the issues and prepare their comments.
