November 7, 2023
On Nov.1, 2023, the New York State Department of Financial Services (NYDFS) finalized amendments to its 2018 regulations on cybersecurity to enhance cybersecurity governance, mitigate risks, and protect New York businesses and consumers from cyber threats. The amendments build upon the state’s existing cybersecurity regulations, which established an initial framework to protect against cyber threats, in an effort to improve safeguards for businesses and consumers.
“New York has always led the way in protecting businesses and consumers from online threats, and with these amendments to our nation-leading cybersecurity regulations, we are continuing to set the national standard,” Governor Hochul said. “On the heels of launching the State’s first-ever cybersecurity strategy, boosting state law enforcement’s cyber capabilities, and signing landmark legislation to protect our energy grid from cyberattacks, my administration is doubling down on our commitment to ensuring that financial institutions have the safeguards in place to protect vital customer data and maintain the integrity of our financial system.”
Key changes to regulations include:
What does this mean for me?
This announcement represents a step toward tighter cybersecurity controls, which could be replicated in other states. Advisers should pay attention to local announcements to make sure current cybersecurity measures are in compliance. If you have any questions, please let us know.