E Point Perfect
Law \ Legal

NYDFS Announces Updated Cybersecurity Regulation


On November 9, 2022, New York Department of Financial Services (NYDFS) Superintendent Adrienne Harris announced that the NYDFS formally proposed an updated cybersecurity regulation. Although the updates had previously been released in draft form, the formal announcement commences the 60-day comment period.

The proposed regulations would create three different tiers of companies based on their size, operations, and nature of their businesses. The compliance obligations of those different tiers would vary, but in general, the proposed regulations would:

  • Enhance governance requirements in an attempt to increase accountability for cybersecurity at the Board and C-Suite levels;   
  • Require controls to prevent initial unauthorized access to technology systems and to prevent or mitigate the spread of an attack;   
  • Require more regular risk and vulnerability assessments, as well as more robust incident response, business continuity and disaster recovery planning; and   
  • Direct companies to invest in regular training and cybersecurity awareness programs that are relevant to their business model and personnel.   

Companies now have 60 days to submit comments to these proposed regulations, after which NYDFS will either propose a revised version or adopt the final regulation. However, even though the final regulation may still change, companies should be assessing their current compliance regimes – including whether their policies are properly documented in a fashion likely to satisfy legal regulators.



Source link

Related posts

Investing – Tread with Great Care

SCOW will review circuit court’s attempt to act like a DOC supervision agent

Might the recent marijuana pardons by Prez Biden “make things worse for criminal legal reform”?

’Tis the Season for California’s 2023 Legislative Update: Employer Considerations

How Sheila MacPherson of Lawson Lundell has dedicated her career to public service in the North

CAS Legal Mailbag – 1/26/23