To analyze the cybersecurity regulations for financial institutions issued by the New York State Department of Financial Services on February 16, 2017.
This article summarizes the regulations’ scope and requirements including definition of Covered Entities and substantive requirements including periodic Risk Assessments, cyber policies, dedicated and trained personnel, testing, audit trails, control over Third Party Service Providers, authentication, secure disposal, encryption, and incident reporting.
The regulations go beyond federal requirements in a number of important respects.
This article provides a guide for regulated entities to start preparing for compliance with the new regulations from experienced lawyers with specialties in cybersecurity, privacy and communications.
Cedarbaum, J.G., Powell, B.A., Freeman, D.R., Schloss, L. and Abrahamson, R. (2017), "New York finalizes cybersecurity regulations for financial institutions", Journal of Investment Compliance, Vol. 18 No. 2, pp. 27-30. https://doi.org/10.1108/JOIC-04-2017-0020
Emerald Publishing Limited
Copyright © 2017 Wilmer Cutler Pickering Hale and Dorr LLP.