On September 13, 2016, the New York State Department of Financial Services published draft regulations addressing Cybersecurity and related business continuity issues for it’s over 3,000 regulated entities in the state. On Dec 28, 2016, DFS came out with revisions. These regulations for Financial Institutions and Insurance companies, is just as pertinent to all organization who wish to have resiliency.
The New York State Department of Financial Services has modified its proposed cyber security regulations and delayed their start date by two months. The proposed regulations are now slated to go into effect on March 1, 2017, with a 180-day compliance window.
DFS’s press release concerning the new regulations can be found here – http://www.dfs.ny.gov/about/press/pr1612281.htm
According to Governor Andrew M. Cuomo, these are “first-in-the-nation” regulations” designed to protect New York State from the ever-growing threat of cyber-attacks. They “requires banks, insurance companies, and other financial services institutions regulated by the State Department of Financial Services to establish and maintain a Cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.”
To address these issues, the ACP (Association of Continuity Professionals) is hosting an event. Join us to learn more about how you can stay in compliance.
Date: January 18, 2017
Time: 1:00 pm – 4:00 pm
Location: Harter Secrest & Emery, 16000 Bausch and Lomb Place, Rochester, NY 14604
RSVP to Denise Hubbard at (585) 231-1294 or DHubbard@HSElaw.com
Michael C. Redmond, EFPR Group, will cover what must be developed, how to implement it, and how to manage and test your program.
- How to establish a Cybersecurity program
- Creating Cybersecurity policies
- Chief Information Security Officer responsibilities
- Third-Party Service Providers policies and procedures to ensure the security of information systems
- Additional Requirements of the regulation
F. Paul Greene, of Harter Secrest & Emery LLP, will discuss these “first in the nation” regulations, their sweeping reach, and the pitfalls and ambiguities they contain. He will also discuss the implications these regulations raise for entities not under the regulatory reach of NYS DFS, and for Cybersecurity and business continuity compliance generally.