New York announces new cybersecurity regulations
New York governor Andrew Cuomo has announced a cybersecurity regulation that will protect consumer data and financial systems from terrorist organisations and other cyber criminals.
The final risk-based regulation, which is set to take effect on 1 March 2017, will require banks, insurance firms, and other financial services institutions regulated by the Department of Financial Services to take on a cybersecurity programme developed to protect consumers’ private data.
It will also require financial institution to have a programme that is adequately funded and staffed, overseen by qualified management, and reported on periodically to the senior governing body of the organisation.
Financial institutions will have to maintain risk-based minimum standards for technology systems, such as access controls, data protection including encryption, and penetration testing.
The rule requires identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance.
Commenting on the regulation, Cuomo said: "New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever increasing threat of cyber-attacks. These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes."
New York State department of financial services superintendent Maria Vullo said, “With this landmark regulation, DFS is ensuring that New York consumers can trust that their financial institutions have protocols in place to protect the security and privacy of their sensitive personal information.
“As our global financial network becomes even more interconnected and entities around the world increasingly suffer information breaches, New York is leading the charge to combat the ever-increasing risk of cyber-attacks.”
Nets partners Chainalysis to facilitate validation of virtual currencies
Danish payments processor Nets has joined forces with distributed ledger technology provider Chainalysis to help banks validate virtual currencies such as bitcoin and comply with anti-money laundering rules.read more
Hearsay rolls out new enterprise compliance platform
US-based financial technology provider Hearsay has unveiled the next generation of its enterprise compliance platform to better counter social and digital risk.read more
UBS deploys electronic signature service
Swiss banking giant UBS has deployed the Qualified Electronic Signature (QES) service from Cryptomathic and SwissSign to strengthen security and control of its document management.read more
SIX Payment Services taps IBM technology to boost cyber security
SIX Payment Services has selected IBM Watson for Cyber Security to develop a next-generation Security Operations Center (SOC) in order to boost cyber defence and provide customers security services for compliance with Swiss privacy and financial market regulations.read more
Scotiabank, Cardtronics extend ATM deal at 7-Eleven Canada stores
The Bank of Nova Scotia (Scotiabank) has extended its ATM branding agreement with Cardtronics to give its customers surcharge-free ATM access at over 640 Scotiabank-branded ATMs at 7-Eleven Canada stores across Canada.read more