• Register
Return to: Home > News > New York announces new cybersecurity regulations

New York announces new cybersecurity regulations

New York governor Andrew Cuomo has announced a cybersecurity regulation that will protect consumer data and financial systems from terrorist organisations and other cyber criminals.

The final risk-based regulation, which is set to take effect on 1 March 2017, will require banks, insurance firms, and other financial services institutions regulated by the Department of Financial Services to take on a cybersecurity programme developed to protect consumers’ private data.

It will also require financial institution to have a programme that is adequately funded and staffed, overseen by qualified management, and reported on periodically to the senior governing body of the organisation.

Financial institutions will have to maintain risk-based minimum standards for technology systems, such as access controls, data protection including encryption, and penetration testing.

The rule requires identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance.

Commenting on the regulation, Cuomo said: "New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever increasing threat of cyber-attacks. These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes."

New York State department of financial services superintendent Maria Vullo said, “With this landmark regulation, DFS is ensuring that New York consumers can trust that their financial institutions have protocols in place to protect the security and privacy of their sensitive personal information.

“As our global financial network becomes even more interconnected and entities around the world increasingly suffer information breaches, New York is leading the charge to combat the ever-increasing risk of cyber-attacks.”

Top Content

  • Nets partners Chainalysis to facilitate validation of virtual currencies

    Danish payments processor Nets has joined forces with distributed ledger technology provider Chainalysis to help banks validate virtual currencies such as bitcoin and comply with anti-money laundering rules.

    read more
  • Hearsay rolls out new enterprise compliance platform

    US-based financial technology provider Hearsay has unveiled the next generation of its enterprise compliance platform to better counter social and digital risk.

    read more
  • UBS deploys electronic signature service

    Swiss banking giant UBS has deployed the Qualified Electronic Signature (QES) service from Cryptomathic and SwissSign to strengthen security and control of its document management.

    read more
  • SIX Payment Services taps IBM technology to boost cyber security

    SIX Payment Services has selected IBM Watson for Cyber Security to develop a next-generation Security Operations Center (SOC) in order to boost cyber defence and provide customers security services for compliance with Swiss privacy and financial market regulations.

    read more
  • Scotiabank, Cardtronics extend ATM deal at 7-Eleven Canada stores

    The Bank of Nova Scotia (Scotiabank) has extended its ATM branding agreement with Cardtronics to give its customers surcharge-free ATM access at over 640 Scotiabank-branded ATMs at 7-Eleven Canada stores across Canada.

    read more
Privacy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.