On September 19, 2017, the Central Bank of Brazil published Public Notice No. 57/2017, announcing a resolution on the implementation by financial institutions of cybersecurity policy and the requirements for contracting services data processing and storage, and cloud computing.
The proposal provides for the minimum content of the cyber security policy and establishes requirements for contracting data processing and storage services and cloud computing, including minimum contractual requirements. In addition, requirements regarding the handling of incidents related to the cyber environment are established. Institutions should also develop actions to share information about these incidents.