The New York Department of Financial Services’ (DFS) second enforcement action to date under its cybersecurity regulation underscores the importance of promptly investigating potential cybersecurity events. It also raises questions about whether insurance coverage would be available for amounts paid …
In March of 2017, the New York Department of Financial Services (DFS) implemented 23 NYCRR §500 (NY Reg. 500). In doing so, it became the first state regulatory authority to impose regulations that address cybersecurity concerns applicable to insurance-related entities …
This writing presents a framework that if adopted by insurance agencies and carriers could simplify and minimize the cost of complying with the New York Department of Finance Regulation 23 NYCRR Section 500.11 “Third-Party Service Provider Security” while simultaneously deploying …
The final implementation period for the New York Department of Financial Services’ (DFS) cybersecurity regulation covering DFS-regulated entities and licensed individuals ends March 1, 2019. New York’s first-in-the-nation cybersecurity regulation became effective March 1, 2017, and DFS implemented a two-year …
It has been more than a year and a half since the New York Department of Financial Services cybersecurity regulations (cyber rules) came into effect, and yet another compliance deadline has passed. Broadly, “covered entities,” which means you if you …
The third transitional period for New York’s first-in-the-nation cybersecurity regulation for all Department of Financial Services (DFS) regulated entities ends on September 4, 2018. Beginning on September 4, banks, insurance companies and other financial services institutions regulated by DFS are …
What were you planning to give the New York Department of Financial Services for Valentine’s Day? Hopefully, a certificate of compliance. It is hard to believe that almost a year has passed since the NYDFS cybersecurity regulations (Cyber Rules) became …
New York Department of Financial Services Superintendent Maria T. Vullo has reminded all regulated entities and licensed persons covered by the Department of Financial Services’s (DFS) cybersecurity regulation that the first certification of compliance must be filed on or prior …
If there were any remaining doubts about the vulnerability of our online systems, they were dispelled in September when giant credit reporting company Equifax revealed it was breached in July by cyber criminals, compromising the personal identifiable information (PII) of …
The New York Department of Financial Services (DFS) has issued cybersecurity requirements for financial services companies. Codified at 23 NYCRR §500, the law became effective on March 1, 2017, and requires insurance and insurance-related companies as well as brokers, agents …
