The aim is to bolster the banking industry’s defenses amid concern over periodic security breaches at U.S. banks.
The move announced Wednesday by the Federal Reserve, the Federal Deposit Insurance Corp. and a Treasury Department banking agency is designed to get banks’ senior executives and directors to pay closer attention to cybersecurity, agency officials said.
The rules proposed by the three agencies would pile on a second set of stricter standards for big banks’ computer systems that are considered critical to the functioning of the financial industry.
The banks should establish goals for how long it would take them to recover from a cyberattack, and should assess the potential for malware or corrupted data to spread through connected computer systems, the regulators said.
The breaches raised concerns about the Fed’s ability to safeguard sensitive financial information in its computer systems, the lawmakers said.