The New York State Department of Financial Services (DFS) recently updated its proposed first-of-its-kind cybersecurity regulation to provide protections to the state of New York from the growing concern of cyber attacks.
The new regulation, which will be effective on March 1, will require banks, insurance companies, and other related financial services institutions that are regulated by DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure safety of New York’s financial services.
“New Yorkers must be confident that the banks, insurance companies and the other financial institutions that they rely on are securely handling and establishing necessary protocols that ensure the security and privacy of their sensitive personal information,” said DFS Superintendent Maria T. Vullo. “This updated proposal allows an appropriate period of time for regulated entities to review the rule before it becomes final and make certain that their systems can effectively and efficiently meet the risks associated with cyber threats.”
DFS said all comments were considered regarding the proposed 45-day comment period and has incorporated suggestions that DFS deemed appropriate in an updated draft. The updated draft will be subject to an additional 30-day comment period starting on Dec. 15.