News & Analysis as of

NYDFS Data Security Risk Management

Husch Blackwell LLP

Effective Dates Draw Near for Insurance Industry to Comply with NYDFS's Cybersecurity Rules

Husch Blackwell LLP on

As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more

Alston & Bird

Cybersecurity Controls: What Do Regulators Expect Nowadays?

Alston & Bird on

Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Are Your Cybersecurity Controls Ready for the New York State Department of Financial Services' Deadlines?

In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Reminder: New York Cybersecurity Reporting Deadline April 15, 2025; New Regulations Effective May 1, 2025

Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Wiley Rein LLP

Continued Remote Hiring Concerns in IT Sector: What to Look for in 2025 and How to Mitigate Business Risk

Wiley Rein LLP on

Remote worker fraud is expected to continue to proliferate in 2025. Fully remote hiring and work, particularly in the technology sector, continues to pose unique business and legal risks for companies. Just in December 2024,...more

Alston & Bird

Combatting the New Insider Threat: North Korean IT Workers Posing as Remote Employees

Alston & Bird on

The New York Department of Financial Services issued a cybersecurity advisory on November 1, 2024, regarding a growing threat posed by North Korean operatives seeking remote IT roles at U.S. companies. These operatives secure...more

Sheppard Mullin Richter & Hampton LLP

NYDFS Speaks Out on AI and its Cybersecurity Risks

The New York Department of Financial Services (“NYDFS”) recently published guidance on managing cyber risks related to AI for the financial services and insurance industry. Though the circular letter does not introduce any...more

Alston & Bird

Top 10 Issues General Counsel Need to Know About Ransomware in 2024

Alston & Bird on

Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more

Patterson Belknap Webb & Tyler LLP

New York’s Department of Financial Services Amplifies its Cybersecurity Regulations

On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more

Kramer Levin Naftalis & Frankel LLP

Cybersecurity, Privacy and Data Protection 2022 Year in Review

The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more

Sands Anderson PC

New York’s New Data Security Requirements

Sands Anderson PC on

In the fall of last year, we wrote about the passage of the SHIELD Act (the Act) in New York, which expanded aspects of the state’s breach notification requirements (Breach Requirements) and created a statutory obligation to...more

Hogan Lovells

New York State Expected to Increase Enforcement of Cybersecurity Practices

Hogan Lovells on

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more

Epstein Becker & Green

The New York State “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act) Becomes Effective March 21, 2020: Is Your...

Time is running out. The effective date of New York’s cybersecurity law mandating that organizations implement an information security program to protect “private information” of New York State residents, including employee...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - January 2020 #2

Robinson & Cole LLP on

Department of Homeland Security Warns of Cyber-Attacks by Iran - The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more

Robinson+Cole Data Privacy + Security Insider

New York DFS Issues Risk Alert Concerning Possible Iran Cyber-Attacks

In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter  to all regulated entities regarding the need for heightened cybersecurity precautions....more

Akin Gump Strauss Hauer & Feld LLP

Five New Requirements Under New York DFS Cybersecurity Regulation Go Into Effect on September 1, 2018

On September 1, 2018, five new requirements included in the New York State Department of Financial Services’ (DFS) Cybersecurity Regulation go into effect – (1) audit trails, (2) application security, (3) data disposal...more

The Volkov Law Group

Cybersecurity Compliance for Financial Institutions

The Volkov Law Group on

The New York Department of Financial Services has adopted detailed cybersecurity regulations for financial institutions. (Here). The NYDFS has filled a vacuum created by the failure of the federal government to act in this...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - December 2017

Robinson & Cole LLP on

The Consumer Financial Protection Bureau (CFPB), one of the watchdogs of the financial services industry, has announced through Acting Director Mick Mulvaney that it will no longer collect personal information of consumers...more

Skadden, Arps, Slate, Meagher & Flom LLP

"Cybersecurity Trends for Boards of Directors"

Cybersecurity has in recent years become an integral component of a board’s role in risk oversight, but directors often find themselves in unfamiliar territory when it comes to formulating policies and oversight processes...more

Hogan Lovells

2017 Resolutions for Community Banks: A Focus on Cybersecurity

Hogan Lovells on

In December 2016, Thomas Curry, the Comptroller of the Currency, stated that cybersecurity was the single greatest systemic threat to our financial system. He was not being hyperbolic. Cybersecurity should be on...more

Alston & Bird

The Digital Download - Alston & Bird’s Privacy & Data Security Newsletter – November 2016

Alston & Bird on

Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more

23 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide