New York State DFS is Coming After Your Brokerage License
The First NYS Depart. of Financial Services (DFS) Transition Period Comes to an End August 28, 2017
On February 16, 2017, the New York State Department of Financial Services (“DFS”) published final cybersecurity regulations establishing a rigorous, first-in-the-nation cybersecurity regulation for financial institutions, and others that do business in the state, regardless where they are domiciled. The requirements from DFS go beyond what we’ve historically seen from regulators.
Given the significant amount of non-public information held or processed by financial institutions and increasing cybersecurity threats, these Rules were designed to ensure the protection of customer information and the information technology systems on which they persist. There are similarities to federal cyber protection regulations and guidelines; however, these Rules go further in some respects and codify certain industry practices.
Banks, insurance companies, and companies that do business in New York, regardless where they are domiciled, must now assess their cyber risks, implement a comprehensive, written cybersecurity program, as well as manage the cyber risks of their third-party vendors. The groundbreaking regulation holds company board members personally liable for annual compliance certification.
For a limited exemption, you must file with New York State by August t 28,2017
The regulation requires that all covered entities:
- Conduct a documented risk assessment
- Establish a risk-based cybersecurity program
- Adopt a written cybersecurity policy
- Designate a qualified CISO
- Implement written third-party cyber risk policies
- Establish a written incident response plan
- Notify the superintendent of DFS of any cybersecurity events
- Submit an annual certification of compliance
Is Your Business Prepared to Meet These Requirements?
The SMLR cybersecurity team is well-versed in the DFS regulation. We are ready to help companies – both mitigate risk and ensure compliance with all aspects of the DFS regulation.
CLICK HERE and register for a no charge one hour consultation.Buffer