New York governor Andrew Cuomo has announced a cybersecurity regulation that will protect consumer data and financial systems from terrorist organisations and other cyber criminals.

The final risk-based regulation, which is set to take effect on 1 March 2017, will require banks, insurance firms, and other financial services institutions regulated by the Department of Financial Services to take on a cybersecurity programme developed to protect consumers’ private data.

It will also require financial institution to have a programme that is adequately funded and staffed, overseen by qualified management, and reported on periodically to the senior governing body of the organisation.

Financial institutions will have to maintain risk-based minimum standards for technology systems, such as access controls, data protection including encryption, and penetration testing.

The rule requires identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance.

Commenting on the regulation, Cuomo said: "New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever increasing threat of cyber-attacks. These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes."

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

New York State department of financial services superintendent Maria Vullo said, “With this landmark regulation, DFS is ensuring that New York consumers can trust that their financial institutions have protocols in place to protect the security and privacy of their sensitive personal information.

“As our global financial network becomes even more interconnected and entities around the world increasingly suffer information breaches, New York is leading the charge to combat the ever-increasing risk of cyber-attacks.”