In a Risk Perspective released on July 7, 2017, the Office of the Comptroller of the Currency (“OCC”) emphasized the need for institutions to be cyber resilient – i.e., be able to respond to cyber attacks by managing various risks.  Acting Comptroller Keith Noreika noted in a speech on the same day that “[e]ffective risk management promotes timely detection, response and escalation of operational issues to reduce customer impact due to product failures, possible fraud, and potential unfair or deceptive acts or practices.”  Of course, to manage its risks, an institution must assess its risks, as emphasized in a recent WannaCry Alert by the Securities and Exchange Commission (“SEC”), recently released HIPPA guidance, and the New York Department of Financial Services (“NYDFS”) new cybersecurity regulations (Davis Polk webinar).

Davis Polk’s Cybersecurity Team has published a blog post analyzing the recent regulatory push for cyber resilience and describing how companies can work toward cyber resilience through a robust risk assessment plan.

Go to Cyber Breach Info Post »