Proposed New York Cybersecurity Bill Requires Increased Protections for Financial Industry

On December 28, 2016, New York published a revised version of its proposed “Cybersecurity Requirements for Financial Services Companies” aimed at increasing the requirements and protections for information security, auditing, and reporting for financial institutions doing business within New York state. The regulation was announced on September 13, 2016 as the first-of-its-kind regulation to protect consumers and financial institutions and had intended to go into effect January 1, 2017. However, in response to the 45-day public comment period, a revised version was distributed mere days before the end of the year on December 28, 2016 with an expected implementation date of March 1, 2017.

 

Although the revised version will be subject to an additional 30-day public comment period, there are a number of key provisions in the current versions that financial institutions should be aware of.

 

To read the entire blog post, click here.