Printable versionSend by emailPDF version
February 28, 2017
The Regulation:
As part of Governor Cuomo’s commitment to protecting consumer data, New York State’s Department of Financial Services (NY DFS) has enacted the first-in-the-nation cybersecurity regulation to protect a state’s financial services industry and consumers from the ever-growing threat of cyber-attacks.
Effective March 1, 2017, the law requires banks, insurance companies and other financial services institutions regulated by the NY DFS to establish and maintain a cybersecurity program to protect consumers’ private data and manage cyber risk.
The new NY DFS regulation has come at a time when federal regulatory agencies are also considering enhanced cyber risk standards for the financial institutions they oversee. We believe the focus from the regulators will require entities to have more robust cyber operational risk management practices in areas such as cyber risk governance, cyber risk management and internal- and external- dependency risk management, as well as incident response and resilience.


New York Department of Financial Services Cybersecurity Regulation