May 26, 2020

Deadline Approaching under NY Cybersecurity Regulations

If your company is one of the broad group of businesses licensed by the New York Department of Financial Services (NY DFS), a very important deadline is bearing down on February 15.   Regulated entities have under Thursday to attest to their compliance with the first-in-the-U.S. cybersecurity regulations (details and links are in blog post below).   The regulations require that “the Chairperson of the Board of Directors or Senior Officer(s)” must certify (in writing) that the organization is compliant with all the cybersecurity regulations, including systems controls and testing, incident response plans, high-level approvals of written policies, appointement of a Chief Information Security Officer, and cybersecurity reviews.

NY DFS Superintendent Maria Vullo recently issued a reminder of the February 15 deadline, and announced that a cybersecurity review will be included in the DFS’ regular safety and soundness bank examinations.

©1994-2020 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

TRENDING LEGAL ANALYSIS


About this Author

Cynthia Larose, Privacy, Security, Attorney, Mintz Levin, Law Firm, electronic transactions lawyer
Member / Chair, Privacy & Cybersecurity Practice

Cynthia is a highly regarded authority in the privacy and security field and a Certified Information Privacy Professional (CIPP). She handles the full range of data security issues for companies of all sizes, from start-ups to major corporations. Cynthia is masterful at conducting privacy audits; crafting procedures to protect data; advising clients on state, federal, and international laws and regulations on information use and data security; helping organizations respond to breaches; and planning data transfers associated with corporate transactions. She is an in-...

617-348-1732