On October 30, 2020, the US federal banking regulators1 issued guidance on sound practices for the largest US banking organizations to strengthen their operational resilience, including with respect to cyber risk management (the “Guidance”).2 Operational resilience is an organization’s ability to prepare for, adapt to, withstand, and recover from disruptions and to continue