Cuomo Announces Strengthened Cybersecurity Requirements

On March 1, 2017, the newly proposed cyber regulation (23-NYCRR-500) for New York-registered financial institutions took effect. It requires covered entities to employ “necessary safeguards in place to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes,” said New York Governor Andrew M. Cuomo. In many respects, 23-NYCRR-500 is consistent with principles and requirements from similar cybersecurity regulations imposed onto state-regulated businesses such as SB 1386 in California, 201-CMR-17 in Massachusetts, Chapter 603A in Nevada or other financial industry regulations, including the U.S. Securities and Exchange Commission’s Cybersecurity Initiative and NFA Cybersecurity Interpretive Notice.

Read More