Amended N.Y. cyber regs up pressure on financial firms to combat risks
By 
Adrianne Appel2023-11-03T10:03:00
New York will require financial institutions to conduct risk assessments more often and improve governance under a broad update to the state’s cybersecurity regulations.
The final amended rules are intended to improve risk mitigation and enhance cyber governance within the financial sector, said Gov. Kathy Hochul on Wednesday. The update amends the state’s 2017 cybersecurity regulations, which are enforced by the New York State Department of Financial Services (NYDFS).
The NYDFS will explain the amendments to businesses through a series of seminars, Hochul said.
Related articles
-
News BriefNYDFS offers cyber rule compliance template for small businesses
The New York State Department of Financial Services issued guidance for small businesses attempting to comply with its cybersecurity regulations.
-
News BriefNYDFS issues guidance for responding to climate-related risks
The New York State Department of Financial Services issued guidance to regulated banking and lending institutions on managing material financial and operational risks related to climate change.
-
News BriefN.Y. hospitals face stiff cybersecurity requirements under proposed rules
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
More from Regulatory Policy
-
ArticleCalifornia climate rules cause uncertainty as CARB delays draft guidance
California has delayed the release of draft greenhouse gas reporting rules for businesses until early 2026, the California Air Resources Board said.
-
PremiumNew EU Data Act may impact companies’ GDPR compliance efforts
New rules that have recently come into effect across the EU will allow for greater transfers of data between companies, though experts fear the changes could conflict with Europe’s strict privacy legislation, which protects personal information.
-
ArticleNine states collaborating on data privacy enforcement across state lines
Nine states are collaborating to write and enforce comprehensive data privacy laws, in an effort to protect consumers across jurisdictions and due to the absence of a broad, federal privacy law.