Brandon N. Robinson Authors Article for Bloomberg Law on New Cybersecurity Rules Affecting U.S. Banks

Brandon N. Robinson, partner in Balch’s Birmingham office and chair of the firm’s Data Privacy & Security Practice, authored an article for Bloomberg Law published on January 27, 2022 regarding new federal rules taking effect this spring that will require all U.S. banking organizations to report “any significant computer security incident” to federal regulators no later than 36 hours after the incident has occurred. 

In the article, Brandon examines the new requirements and suggests steps for compliance.  Brandon shared that these new reporting rules will take effect on April 1, 2022 and explains key definitions within the rules to help banks prepare for complying with the new requirements. 

Brandon shares “The rules from the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve (board), and the Federal Deposit Insurance Corporation (FDIC) are important because they broaden the types of incidents that require agencies to be alerted, and reflect the fact that banks have become increasingly reliant on third parties for essential services.

There is hope that these rules will prevent widespread outages for customers and banking organization employees, and protect banks from disruptions that impact business operations and customer service.”

Brandon counsels clients in a variety of industries regarding cybersecurity and data privacy issues to assist them in proactively managing risks while maintaining innovative customer service. Brandon counsels companies on issues that include data breach management and response, compliance with federal, state, and sectoral privacy laws and regulations, review and drafting of contracts with vendors and other third parties involving customer data and nondisclosure agreements, and the creation and maintenance of company policies and procedures. He also serves as transactional counsel on projects involving technology and data, including drones, broadband infrastructure, data application and transfers and other emerging technologies. As part of his energy practice, Brandon also represents electric utilities and others in the energy industry on a variety of regulatory and technological compliance issues, including cybersecurity issues related to critical infrastructure protection.

Brandon is the editor of and a frequent contributor to the firm’s Data Privacy & Security Observer Blog, which provides legal updates and thought leadership on data privacy and cybersecurity issues.