WASHINGTON, Oct 19 (Reuters) - U.S. bank regulators on Wednesday outlined cyber security standards meant to protect financial markets and consumers from online attacks against the nation’s leading financial firms.
Leading banks will be expected to use the most sophisticated anti-hacking tools on the market and to be able to recover from any attack within two hours, said officials briefing reporters on the plan.
The rules, which will be finalized after industry input, is meant to raise cyber security to a top priority for corporate executives and boards, according to the banking agencies.
Banks with assets of $50 billion or more must satisfy the new rules that will be finalized in the months ahead, according to a statement by the Federal Reserve, Office of the Comptroller of the Currency and Federal Deposit Insurance Corp.
That scope means roughly 40 banks and a variety of non-bank financial companies would have to comply with the final rules.
“Covered entities would be required to be capable of operating critical business functions in the face of cyber-attacks,” the regulators said in a statement.
Reporting by Patrick Rucker; Editing by Susan Heavey, Editing by Franklin Paul