Latest Posts › NYDFS

Share:

New Amendments to NY DFS Cybersecurity Regulation: Big Changes for Big Companies, ‎and Other Implications

Effective November 1, 2023, the New York Department of Financial Services issued its second amended Cybersecurity Regulation (the “Regulation,” 23 NYCRR Part 500). The amendment follows extensive public comments, some of...more

New York DFS Cybersecurity Regulation Update: ‎Amendments Proposed November 2022

Licensees of the New York Department of Financial Services (“DFS”) should be tracking the proposed amendments to the DFS Cybersecurity Regulation. All covered entities under the Regulation will need to revisit their...more

New York Department of Financial Services Looks to Raise the Floor — Again — on Cybersecurity Regulation

Already considered among the most rigorous cybersecurity requirements for financial services companies, the existing New York Department of Financial Services (“NY DFS”) Cybersecurity Regulation (the “Regulation”) set the...more

New NY DFS Cyber Reg FAQs: Novel Approach to Notifications on Vendor Breaches; Cloud and Other Services Are Part of “Internal...

The New York Department of Financial Services (the “NY DFS”) has published three new FAQs that interpret certain requirements under its Cybersecurity Regulation (23 NYCRR 500, the “NY DFS Cyber Reg”) related to breaches by...more

NY DFS Releases Guidance on Multi-Factor Authentication

On December 7, 2021, the New York Department of Financial Services (“NY DFS”) released an industry letter providing guidance on Multi-Factor Authentication (“MFA”). MFA, which requires users of information systems to...more

NYDFS Alerts Insurance Industry on Cyber Threats to Auto Quote Functions

The New York Department of Financial Services (NYDFS) has now released a pair of alerts on the increase in cyberattacks on public facing insurance websites that provide instant quoting services to customers. If you provide...more

NY DFS Issues Guidance to Regulated Entities for Cybersecurity in the Remote Work Environment

Reminding NY DFS regulated entities that its Cybersecurity Regulation (23 NYCRR Part 500) requires assessment of cybersecurity risk, and the reporting of certain cybersecurity events within 72 hours, the DFS issued guidance...more

Cybersecurity Update: NYDFS, NAIC, and What's Going on in SC, OH, MI, and MS?

On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the DFS Regulation) took effect, requiring subject financial institutions (Covered Entities), including insurance companies, to,...more

Cybersecurity Update: NYDFS, NAIC, and What’s Going on in SC, OH, MI, and MS?

On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the “DFS Regulation”) took effect, requiring subject financial institutions, including insurance companies, (“Covered Entities”)...more

Third Party Service Provider Cybersecurity Management: The (Not Quite) Last Requirement of the New York Department of Financial...

In prior issues, we have reported on the various requirements imposed by the New York Department of Financial Services (the DFS) Cybersecurity Regulation (23 NYCRR 500) (the Regulation) on “Covered Entities,” which are...more

Insurance and Reinsurance Newsletter – September 2018

Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please...more

Follow the Leader: NYDFS Cybersecurity Regulation Leads the Way for Other States and Industries

The New York Department of Financial Services (NYDFS) blazed a cybersecurity trail with its 2017 regulation for the protection of information collected and processed in, and systems used in the operation of, the financial...more

NYDFS Cybersecurity Update: Two Transition Dates Remaining

Several of the new requirements of the New York State Department of Financial Services (DFS) Cybersecurity Regulation are now operative for firms and individuals engaged in financial services (including insurance companies...more

A Closer Look at the NAIC Insurance Data Security Model Law

Following New York’s lead after the Department of Financial Services (the NYDFS) promulgated its Cybersecurity Regulation, in October 2017 the NAIC adopted its Insurance Data Security Model Law (the NAIC Model) to establish...more

The March 1 Deadline for NY DFS Cyber Compliance: One Week to Go!

As we reported here, March 1, 2018 brings a new transition date, with a new set of compliance obligations for Covered Entities subject to the Cybersecurity Regulation of the New York Department of Financial Services. By...more

NY DFS Cybersecurity Compliance Certificate Required Today; Additional Requirements Looming

As previously warned, February 15, 2018 is the first annual deadline for individuals and companies licensed or otherwise authorized under the New York Insurance, Banking and Financial Services laws (defined as Covered...more

Cybersecurity Reminder and Heads Up from NY DFS: File Cybersecurity Reg Compliance Certificates, and Prepare for Cybersecurity...

A press release issued by the New York Department of Financial Services on January 22, 2018 reminds Covered Entities (including banks, insurers and producers, and others regulated by DFS) of their obligation to file a...more

Less than One Month To Go!

On February 15, many insurance companies, producers and others with New York DFS licenses and other authorizations (except for certain entities and employees who have filed for an exemption) will need to file a compliance...more

New York DFS Cybersecurity Regulation Update: Lots Left To Do

Insurers and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation, but for...more

Developing Cybersecurity Requirements in Banking, Insurance and Other Financial Services

The financial services industry has been dealing with requirements for cybersecurity since 1999, but 2017 brought new, significant, and proliferating obligations. The bar for the whole industry was clearly raised by the...more

Forward Vision: New York’s Cybersecurity Regulation Imposes a Series of Deadlines

New York’s cybersecurity regulation that went into effect in March has far reaching implications. The first transition date for implementation of several requirements of the state’s Department of Financial Services regulation...more

NAIC Adopts Model Cybersecurity Law

Based largely on the NY DFS Cybersecurity Regulation that became effective March 1, 2017, the NAIC has adopted a Model Cybersecurity Law that would, once adopted by the various states, establish significant requirements for...more

NY DFS Cybersecurity Exemption Filings due October 30

October 30, 2017 is the extended deadline for most Covered Entities claiming an exemption to file the Notice of Exemption required by the NY DFS Cybersecurity Regulation (23 NYCRR 500.19(e)). The filing deadline is 30 days...more

New York DFS Cybersecurity Regulation Update: Lots Left To Do

Insurance companies and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation,...more

New York’s Cybersecurity Requirements for DFS Licensees: A New Item at the Top of the To-Do List

With the compliance date only a few months away, licensees of the New York Department of Financial Services (DFS) must start taking action immediately to comply with the coming cybersecurity requirements, which will be more...more

26 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide