To read the full version of this content please select one of the options below:

New York finalizes cybersecurity regulations for financial institutions

Jonathan G. Cedarbaum (Wilmer Cutler Pickering Hale and Dorr LLP in Washington, DC, USA)
Benjamin A. Powell (Wilmer Cutler Pickering Hale and Dorr LLP in Washington, DC, USA)
D. Reed Freeman (Wilmer Cutler Pickering Hale and Dorr LLP in Washington, DC, USA)
Leah Schloss (Wilmer Cutler Pickering Hale and Dorr LLP in Washington, DC, USA)
Reed Abrahamson (Wilmer Cutler Pickering Hale and Dorr LLP in Washington, DC, USA)

Journal of Investment Compliance

ISSN: 1528-5812

Article publication date: 3 July 2017

Abstract

Purpose

To analyze the cybersecurity regulations for financial institutions issued by the New York State Department of Financial Services on February 16, 2017.

Design/methodology/approach

This article summarizes the regulations’ scope and requirements including definition of Covered Entities and substantive requirements including periodic Risk Assessments, cyber policies, dedicated and trained personnel, testing, audit trails, control over Third Party Service Providers, authentication, secure disposal, encryption, and incident reporting.

Findings

The regulations go beyond federal requirements in a number of important respects.

Originality/value

This article provides a guide for regulated entities to start preparing for compliance with the new regulations from experienced lawyers with specialties in cybersecurity, privacy and communications.

Keywords

Citation

Cedarbaum, J.G., Powell, B.A., Freeman, D.R., Schloss, L. and Abrahamson, R. (2017), "New York finalizes cybersecurity regulations for financial institutions", Journal of Investment Compliance, Vol. 18 No. 2, pp. 27-30. https://doi.org/10.1108/JOIC-04-2017-0020

Publisher

:

Emerald Publishing Limited

Copyright © 2017 Wilmer Cutler Pickering Hale and Dorr LLP.