Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

NY delays cyber-security rules for banks, will revise requirements

Joe Mont | December 22, 2016

New York's Department of Financial Services has delayed the implementation of its controversial new cyber-security rules for banks based in the state.

NYDFS is planning to announce an updated version of the requirements on Dec. 28, pushing the effective date to March 1, 2017.

First proposed in September, the regulation will require that banks, insurance companies, and other financial services institutions overseen by the NYDFS establish a cyber-security program; adopt a written cyber-security policy; designate a CISO responsible for implementing, overseeing, and enforcing its new program and policy; and have policies and procedures designed to ensure the security of information systems and non-public information accessible to, or held by, third-parties.

The cyber-security policy, prepared on at least an annual basis, must be...

Buy this article for $49, or subscribe to Compliance Week for a month at $149 and get unlimited article access for 30 days.