Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 10-day trial to continue exploring with full access.

New York’s proposed cyber-security compliance challenge

Todd Taylor | December 23, 2016

Compliance officers working with banks, insurers, and other financial service companies doing business in New York may soon find themselves with expanded jobs due to new proposed cyber-security regulations scheduled to take effect in that state in 2017. The proposed regulations were issued by the New York Department of Financial Services (NYDFS) on September 13, 2016. While similar to existing federal data security regulations for financial institutions promulgated under the authority of the Gramm-Leach-Bliley Act (GLBA), New York’s proposed regulations contain potentially burdensome additional requirements that are not found in the GLBA-related federal regulations.

Impact of the regulations

New York’s proposed cyber-security regulations will cover any person or entity “operating under or required to operate under a license, registration … or similar authorization under” New York’s banking, insurance, or financial services laws (also known as Covered... To get the full story, subscribe now.