The House Financial Services Committee passed the Cybersecurity and Financial System Resilience Act (H.R. 4458) by voice vote Wednesday. CUNA supports the bill and expressed its support in a letter to committee leadership earlier this week.
H.R. 4458 would require NCUA and other sectors’ regulators to each issue an annual report to Congress describing measures the respective agency has taken to strengthen cybersecurity with respect to its functions as a regulator, including the supervision and regulation of financial institutions and, where applicable, third-party service providers.
It would enhance the Federal Information Security Modernization Act through reporting requirements while also requiring the regulators to ensure robust oversight of their regulated entities, which is already a primary duty of the regulators.
CUNA noted in its letter that, “regulators should be given wide latitude to decide the information reported publicly on the status of their regulated entities. Any information that details cyber vulnerabilities at financial institutions should not be reported publicly as it could harm the sector as bad actors could use reports as a roadmap for future attacks.”