New Cybersecurity Regulations in New York Go Into Effect

By CircleID Reporter

Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. Out-Law.com reports: "The new regulation (14-page / 342KB PDF) has been set by the New York State Department of Financial Services (DFS) and will apply to firms holding a banking, insurance or financial services licence to operate in New York. ... The rules are effective from 1 March, but firms will have 180 days to make any changes necessary to comply before enforcement action would be threatened ... Under the new rules, financial services companies will be required to 'maintain a cybersecurity program' that can 'protect the confidentiality, integrity and availability' of their information systems. The program must incorporate detect, defence and response mechanisms, including regulatory reporting obligations, as well as penetration testing."

Related topics: Cybercrime, Cybersecurity, Law, Policy & Regulation

Comments