Complying with New York’s Cybersecurity Requirements for Financial Services Companies
The New York State Department of Financial Services has issued new cybersecurity requirements for financial services companies – defined to include New York-chartered banks, Department of Financial Services-authorized branches of out-of-country foreign banks, and New York-licensed insurance companies and insurance agencies. Compliance with some requirements is required by August 28, 2017. Is your company prepared to comply?
This session with attorney Chrys Lemon will help you understand and comply with New York’s new cybersecurity requirements. Under the regulations, covered entities will have to conduct a cybersecurity risk assessment, develop and implement a cybersecurity program, adopt other cybersecurity practices, and ensure third-party service providers have adequate cybersecurity programs in place.
The National Association of Insurance Commissioners is looking to New York State’s cybersecurity regulation as the basis for its development of an insurance data security model law, for adoption by other states. New York’s regulation likely will also guide other states’ banking regulators. Thus, an understanding of New York State’s cybersecurity regulations will help your bank and insurance cybersecurity and compliance officers develop and implement multi-state programs for this important area of security for financial services companies. You will receive checklists, charts and calendars that completely detail all the regulatory requirements in an easy-to-use format.
Which entities are covered by the regulation, and which are exempt from part or all of it?
How does the regulation affect affiliates of covered entities?
What is a covered “information system”?
What is considered “nonpublic information”?
What constitutes a “cybersecurity event”?
What does a risk assessment involve?
What must be included in a cybersecurity program?
What are the requirements for incident response, authentication, third-party service providers and vulnerability assessments?
What are the compliance dates for all the new regulatory requirements?
What board and management oversight is required?
What are the notification requirements?
What questions and answers has the regulator provided to clarify issues for regulated entities?
Who Should Attend
Legal counsel for banks, insurance companies and insurance agencies
Chrys Lemon is a partner in McIntyre & Lemon, PLLC, in Washington, D.C. He specializes in financial services law, particularly related to marketing of consumer financial products and services, privacy law, insurance law, and regulation of financial institutions by the Consumer Financial Protecti...
Disclaimer: The content herein does not represent any association between CFPB and Eli Financial LLC. CFPB neither endorses any product of Eli Financial LLC nor warrants accuracy of the content hereto.