From: JD Supra
Faced with an approaching August 28th deadline, the more than 3,000 financial institutions that do business in New York should be knee-deep in implementing the first wave of requirements under the State’s sweeping and unprecedented cybersecurity regulation.
As readers of this blog know, New York’s powerful banking regulator, the Department of Financial Services, has enacted the country’s toughest cybersecurity regulation. Effective as of March 1, 2017, the regulation requires banks, insurance companies and financial institutions under the agency’s supervision to design and implement a comprehensive, risk-based and accountability-driven set of data security safeguards and protections. Although the deadlines for compliance are staggered, the August 28th requirements include: