DFS

Transition period under New York Cybersecurity Regulation ends March 1, 2019

By Kathleen Scott (US) & Susan Ross (US) on January 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS”) Cybersecurity Regulation, 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Entities covered by the Regulation that utilize third party service providers, which include not only banks and insurers, but also other financial services institutions and licensees regulated by the DFS, will be required to implement third-party risk management programs by March 1.

February 15 deadline looms for first DFS Cybersecurity Certification

By Kathleen Scott (US) & Susan Ross (US) on February 8, 2018

February 15, 2018, is quickly approaching and any entity subject to New York’s cybersecurity regulation (23 NYCRR Part 500) must file its first annual certification of compliance with the New York State Department of Financial Services (DFS) by that date. New York imposes cybersecurity requirements on all entities (covered entities) subject to the jurisdiction of the DFS, which include not only banks and insurers, but also any persons regulated by the DFS, including the newest DFS licensees, those engaged in virtual currency business activity.

Data Protection Report

DFS

Transition period under New York Cybersecurity Regulation ends March 1, 2019

February 15 deadline looms for first DFS Cybersecurity Certification

About

Topics

Archives