New York Department of Financial Services Delays Compliance Deadline for Cybersecurity Regulations

Nossaman LLP
Contact

On October 25, the Privacy Law Report featured a blog post on new cybersecurity regulations being implemented by the New York Department of Financial Services (“DFS”).  Those regulations impose a number of requirements on financial institutions, including banks and insurance companies, such as the implementation of cybersecurity programs, the manner in which those companies handle data breaches, and the necessity for those companies to appoint a chief information security officer.  While these rules certainly advance a good cause, there has been significant push back from the banks to buy more time before the rules go into effect.  In particular, smaller institutions have complained that the rules provide no differentiation between small and large institutions.  Because of these concerns, the DFS has now agreed to move the compliance date from January 1 to March 1.

It will be interesting to see how the coming months will play out.  It shouldn’t come as a major surprise that these companies have pushed back – the rules will require them to implement changes that will require additional manpower and cost.  And as noted, this is a particular concern for smaller companies for which the increased expense will have a larger impact.  It is no secret that the cost of defending against cyber attacks has long been discussed a major limiting factor in the world of cybersecurity.  Nonetheless, these DFS rules will be the first of their kind, and thus may have a broad impact on shaping the drafting of cybersecurity rules to be implemented by other state agencies.  When these rules go into effect, companies should pay close attention to how the DFS tests its new rules and regulations in addition to any changes to the draft rules.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Nossaman LLP

Written by:

Nossaman LLP
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Nossaman LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide