The Federal Financial Institutions Examination Council is asking for comments regarding the Cybersecurity Assessment Tool, the ostensibly voluntary way for banks and credit unions to self-assess exposure to risk and the maturity of their cybersecurity.
A top federal regulatory official urged financial institutions to implement multifactor authentication for all nonpublic systems, telling an audience of financial executives that a majority of breaches could be avoided or mitigated through basic cybersecurity controls.
Cryptocurrency trading platform Robinhood Crypto will pay $30 million to the state of New York after an investigation revealed deficiencies in its cybersecurity and anti-money laundering programs. The company will also retain an independent consultant who will monitor remediation efforts.
The chairman of the U.S. House Intelligence Committee vowed more action against makers of advance spyware such as Israel's NSO Group while witnesses pressed the panel to commit the intelligence community's resources to disrupting spyware companies.
Federal regulators say credit unions should report cyber incidents within 72 hours, including those experienced by third-party vendors that process member data. Just five deposit, payment, and data processing service companies dominate the credit union market.
The National Institute of Standards and Technology today announced a first group of encryption algorithms designed to withstand the assault of a future quantum computer. Selection of the four algorithms comes after six years of evaluation by the U.S. federal agency.
Cryptocurrency experts are fingering North Korea as likely responsible for the cryptocurrency theft of $100 million from the Harmony Horizon bridge. North Korea fuels its nuclear weapons program with stolen cryptocurrency used to dodge international sanctions that prevent ready access to cash.
A bipartisan U.S. proposal for a national privacy law also imposes new cybersecurity regulatory mandates onto the private sector. The inclusion of a data security section in draft privacy legislation shows the Washington consensus for voluntary industry measures is wearing thin.