NCUA's New Cyber Incident Reporting Requirements

April 26, 2023
Live Webinar:
DateApr 26, 2023Duration90 minutes
12:00 PM PDT01:00 PM MDT
02:00 PM CDT03:00 PM EDT
  • Unlimited connections for your institution
  • Available on desktop, mobile & tablet
  • Take-away toolkit
  • Presenter’s contact info for questions
On-Demand Webinar:
  • Unlimited & shareable access starting two business days after live stream
  • Available on desktop, mobile & tablet devices 24/7
  • Take-away toolkit
  • Ability to download webinar video
  • Presenter's contact info for questions
See Registration Options

The increased frequency and severity of cyber attacks pose an ever-evolving threat.

Technology and remote services are essential to maintaining member service, but such usage is also fueling the increased attacks by a variety of bad actors. NCUA has taken action by finalizing a new reporting requirement. Is your credit union prepared to comply?
  • Define a reportable cyber incident
  • Relate examples of reportable cyber incidents
  • Anticipate the incident reporting process
  • Understand the impact of third-party compromises
  • Coordinate with state data breach laws
  • Appreciate NCUA policy expectations


To meet evolving cyber risks, the NCUA has finalized a new rule regarding the reporting of significant cyber incidents. Credit unions are now required to report a cyber incident that disrupts their business operations, vital member services, or member information system within 72 hours. How do you know that an incident meets the requirements? What are the steps in the reporting process? How does the new requirement coordinate with existing obligations as well as new obligations posed by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA)? Join credit union attorney David Reed as he cuts through the technical jargon and regulatory speak to provide you with clear guidance and useful resources related to your new cybersecurity obligations. 


This informative session is designed for senior executives, directors, IT staff, compliance personnel, audit staff, and anyone involved with the cybersecurity process.


  • Cybersecurity incident reporting checklist
  • Examination guidance
  • Cybersecurity glossary
  • Employee training log
  • Interactive quiz
  • PDF of slides and speaker’s contact info for follow-up questions
  • Attendance certificate provided to self-report CE credits

NOTE: All materials are subject to copyright. Transmission, retransmission, or republishing of any webinar to other institutions or those not employed by your institution is prohibited. Print materials may be copied for eligible participants only.

Presented By

David A. ReedDavid A. Reed
Reed & Jolly, PLLC