Our prediction is plenty of wrangling on the definition of “materiality.” “The new requirement applies to any cybersecurity incidents that are expected to materially impact a bank’s ability to provide services, conduct its operations or undermine the stability of the financial sector. The rule was approved by the Federal Reserve, Federal Deposit Insurance Corporation and Office of the Comptroller of the Currency.”
Source: New U.S. Rule Requires Banks to Promptly Report Cyber Incidents