The National Credit Union Administration notified all federally insured credit unions that as of September 1, 2023, they must report cyber incidents within 72 hours after becoming aware of the event or receiving a notification from a third party regarding a reportable incident.

The SEC set an effective date of September 5, 2023 for final disclosure requirements on cybersecurity risk management, governance, strategy and incident reporting by public companies.

The Federal Reserve Board reported to Congress on cybersecurity risk management practices at financial institutions and efforts to address emerging risk.

The SEC adopted final disclosure requirements on cybersecurity risk management, governance, strategy, and incident reporting by public companies.

SIFMA joined the Bank Policy Institute and the American Bankers Association in support of the Federal Information Security Modernization Act of 2023. The Act would "enhance transparency over federal agency information security practices."