2017-01539. Enhanced Cyber Risk Management Standards  

  • Start Preamble Start Printed Page 8172

    AGENCY:

    The Board of Governors of the Federal Reserve System; the Office of the Comptroller of the Currency; and the Federal Deposit Insurance Corporation.

    ACTION:

    Joint advance notice of proposed rulemaking; re-opening of comment period.

    SUMMARY:

    On October 26, 2016, the Board of Governors of the Federal Reserve System (Board), the Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC) (collectively, the agencies) published in the Federal Register an advance notice of proposed rulemaking (ANPR) regarding enhanced cyber risk management standards (enhanced standards) for large and interconnected entities under their supervision and those entities' service providers. The ANPR addresses five categories of cyber standards: Cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness. Due to the range and complexity of the issues addressed in the ANPR, the public comment period has been extended until February 17, 2017. This action will allow interested persons additional time to analyze the proposal and prepare their comments.

    DATES:

    The comment period for the advance notice of proposed rulemaking published on October 26, 2016, (81 FR 74315) regarding enhanced cyber risk management standards is extended from January 17, 2017, to February 17, 2017.

    ADDRESSES:

    You may submit comments by any of the methods identified in the ANPR.[1] Please submit your comments using only one method.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Board: Anna Lee Hewko, Associate Director, (202) 530-6260; or Matthew Hayduk, Manager, (202) 973-6190; or Julia Philipp, Senior Supervisory Financial Analyst, (202) 452-3940; or Christopher Olson, Senior Supervisory Financial Analyst, (202) 912-4609, Division of Banking Supervision and Regulation; or Benjamin W. McDonough, Special Counsel, (202) 452-2036; or Claudia Von Pervieux, Counsel, (202) 452-2552; or Michelle Kidd, Counsel, (202) 736-5554, Legal Division; for persons who are deaf or hard of hearing, TTY (202) 263-4869.

    OCC: Bethany Dugan, Deputy Comptroller for Operational Risk, (202) 649-6949; or Kevin Greenfield, Director, Bank Information Technology, (202) 649-6954; or Eric Gott, Risk Team Lead for Governance and Operational Risk, Large Bank Supervision, (202) 649-7181; or Patrick Kelly, Bank Examiner, Critical Infrastructure Protection, (202) 649-5519; or Carl Kaminski, Special Counsel, Beth Knickerbocker, Counsel, or Rima Kundnani, Attorney, Legislative and Regulatory Activities Division, (202) 649-5490 or, for persons who are deaf or hard of hearing, TTY, (202) 649-5597, Office of the Comptroller of the Currency, 400 7th Street SW., Washington, DC 20219.

    FDIC: Donald Saxinger, Senior Examination Specialist, IT Supervision Branch, Division of Risk Management Supervision, (703) 254-0214; or John Dorsey, Counsel, Supervision & Legislation Branch, Legal Division, (202) 898-3807.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    On October 26, 2016, the agencies published in the Federal Register an advance notice of proposed rulemaking regarding enhanced cyber risk management standards (enhanced standards) for large and interconnected entities under their supervision and those entities' service providers.[2] The ANPR stated that the public comment period would close on January 17, 2017.[3]

    The agencies received a number of requests to extend the comment period for the ANPR. Due to the range and complexity of the issues addressed in the ANPR, the agencies believe it is appropriate to extend the public comment period until February 17, 2017. This action will allow interested persons additional time to analyze the proposal and prepare their comments.

    Start Signature

    Dated: January 13, 2017.

    Thomas J. Curry,

    Comptroller of the Currency.

    By order of the Board of Governors of the Federal Reserve System, acting through the Secretary of the Board under delegated authority, January 10, 2017.

    Robert deV. Frierson,

    Secretary of the Board.

    Dated: January 13, 2017.

    Federal Deposit Insurance Corporation by,

    Valerie Best,

    Assistant Executive Secretary.

    End Signature End Supplemental Information

    Footnotes

    1.  See 81 FR 74315 (October 26, 2016).

    Back to Citation

    [FR Doc. 2017-01539 Filed 1-23-17; 8:45 am]

    BILLING CODE 4810-33-P; 6210-01-P; 6714-01-P

Document Information

Published:
01/24/2017
Department:
Federal Deposit Insurance Corporation
Entry Type:
Proposed Rule
Action:
Joint advance notice of proposed rulemaking; re-opening of comment period.
Document Number:
2017-01539
Dates:
The comment period for the advance notice of proposed rulemaking published on October 26, 2016, (81 FR 74315) regarding enhanced cyber risk management standards is extended from January 17, 2017, to February 17, 2017.
Pages:
8172-8172 (1 pages)
Docket Numbers:
Docket ID OCC-2016-0016, Docket No. R-1550
RINs:
1557-AE06: Enhanced Cyber Risk Management Standards , 3064-AE45: Enhanced Cyber Risk Management Standards
RIN Links:
https://www.federalregister.gov/regulations/1557-AE06/enhanced-cyber-risk-management-standards-, https://www.federalregister.gov/regulations/3064-AE45/enhanced-cyber-risk-management-standards
PDF File:
2017-01539.pdf
CFR: (3)
12 CFR None
12 CFR 30
12 CFR 364