Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
Will Resiliency Carry the Digital Asset Sector Through 2024: State-Level Developments — The Crypto Exchange Podcast
Climate Risk, the emerging risk
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
How the New York Department of Financial Services (DFS) Regulates Virtual Currency, a Close Look with Special Guest Kaitlin Asrow, Executive Deputy Superintendent of Research and Innovation, DFS
Compliance Into The Weeds - DFS Fines Carnival Cruise Lines for Cyber Failures
Compliance into the Weeds: DFS First Cyber Case-First American Title
Videocast: Asset management regulation in 2020 videocast series – Regulators step up pressure to implement LIBOR transition plans
Your Cyber Minute: State influences bring a new dawn of cyber regulations
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Your Cyber Minute: Harriet Pearson and Greg Lisa on the Proposed NYDFS Cyber Security Regulation
After years of regulatory uncertainty, the Trump administration has signaled a new approach to digital assets, including by establishing a working group focused on digital assets and nominating crypto-friendly chairs to the...more
In December 2024, New York Governor Kathy Hochul signed into law two bills (A8872A and S2376B; collectively, the “Bills”) that amend New York’s Data Breach Notification Law. The Bills introduce a maximum thirty-day timeframe...more
Remote worker fraud is expected to continue to proliferate in 2025. Fully remote hiring and work, particularly in the technology sector, continues to pose unique business and legal risks for companies. Just in December 2024,...more
The New York Department of Financial Services issued a cybersecurity advisory on November 1, 2024, regarding a growing threat posed by North Korean operatives seeking remote IT roles at U.S. companies. These operatives secure...more
On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter providing guidance on how DFS-regulated entities (covered entities) should be evaluating and responding to artificial...more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an Industry Letter that discusses the cybersecurity risks associated with the use of artificial intelligence (AI) and outlines strategies to...more
The National Institute of Science and Technology (NIST) has released NIST Cybersecurity Framework (2.0) (Framework 2.0). NIST released two earlier versions of the Framework for Improving Critical Infrastructure Cybersecurity...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
On January 17, 2024, the New York State Department of Financial Services (“NYSDFS”) released a proposed circular letter addressing the use of external consumer data and information sources (“ECDIS”) and artificial...more
On Jan. 17, the New York Department of Financial Services (“NYDFS” or “Department”) issued for public comment a proposed circular letter (“Circular”) for addressing the use of artificial intelligence systems (“AIS”) and...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more
The Most Significant Developments in Cybersecurity and Cyber-Related Liability Risks - As we reflect upon 2023, it will unfortunately be remembered as a record-breaking year for ransomware and cybercrime....more
Last month, as the New York State Department of Financial Services (“DFS”) began phasing in amended cybersecurity regulations and continued enforcement actions against noncompliant entities, a wave of ransomware attacks...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
On May 25, 2023, the New York Department of Financial Services (NYDFS) announced that OneMain Financial Group (OneMain) will pay a $4.25 million fine pursuant to a consent order to settle alleged violations of NYDFS’s...more
The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
In 2020, we wrote about the increased regulatory attention on financial institutions’ obligations to detect and respond to human trafficking. In 2021, we wrote about how anti-human trafficking programs fit squarely in banks’...more
The New York Department of Financial Services (NYDFS) published its proposed amendment to its 23 NYCRR Part 500 (Cybersecurity Rules) on November 9, 2022, following the release of the draft version on July 29, 2022....more
The New York Department of Financial Services (NYDFS) on Nov. 9, 2022, released Proposed Amendments to its Cybersecurity Regulation. The NYDFS Cybersecurity Regulation was one of the first laws requiring companies to comply...more
Cyber fraud costs the financial services industry billions in losses each year and has been on the rise. Regulation has followed, creating risks of a different kind. This timely webinar will walk through some of the latest...more
Given recent regulatory activity and sentiments, companies must take an active role in maturing their cybersecurity programs so that they robustly counter potential risk. Current and future regulator activity, rulemaking, and...more
The National Institute of Standards and Technology (NIST) has released the second draft of its Artificial Intelligence (AI) Risk Management Framework (RMF) for comment. Comments are due by September 29, 2022. NIST, part of...more
The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies the NYDFS’ expectation that NYDFS-regulated...more