NY regulator urges firms to comply with cybersecurity regulation

Maria Nikolova

The final implementation period for the regulation ends March 1, 2019.

Financial Services Superintendent Maria T. Vullo today reminded all entities regulated by the New York State Department of Financial Services (DFS) that they have to be in full compliance with the cybersecurity regulation by March 1, 2019.

Let’s recall that New York’s cybersecurity regulation became effective March 1, 2017. DFS, however, offered a two-year timeline for implementation of the regulation’s requirements, with a final compliance deadline of March 1, 2019. The final step in the implementation timeline requires regulated entities that use third-party providers to put in place policies and procedures ensuring the security of information systems and nonpublic information accessible to, or held by, such providers.

Superintendent Vullo today also reminded all regulated entities that the second certification of compliance covering the prior calendar year must be filed electronically via the DFS cybersecurity portal not later than February 15, 2019.

Under the cybersecurity rules, all banks, insurance companies, and other financial services institutions and licensees regulated by DFS are now required to have a cybersecurity program in place that is designed to protect consumers’ private data. The cybersecurity program has to perform a number of core cybersecurity functions, such as identification and assessment of cybersecurity risks regarding the Nonpublic Information stored on the Covered Entity’s Information Systems. The program also has to detect cybersecurity events, and respond to such events.

The entities also have to have a written policy or policies that are approved by the board or a senior officer. This policy has to address matters like data governance and classification, risk assessment, and incident response.

The firms affected by the new rules must have a Chief Information Security Officer to help protect data and systems. They also must secure protections of data at third-party providers. Furthermore, they need to have in place controls and plans to help ensure the safety and soundness of New York’s financial services industry.

Finally, covered entities and licensees must also report cybersecurity events to DFS through the Department’s online cybersecurity portal.

Cyber security is high on the agenda of the United States National Futures Association (NFA) too. Early in January this year, NFA clarified the amendments to its Information Systems Security Programs Interpretive Notice. The Association plans a raft of changes, including a requirement for members to inform it about certain cybersecurity-related incidents. Members (other than futures commission merchants for which NFA is not the DSRO) will have notify NFA of cybersecurity incidents related to their commodity interest business that:

  • result in a loss of customer or counterparty funds or loss of a Member firm’s capital; or
  • if a Member notifies its customers or counterparties of an incident pursuant to state or federal law.

Read this next

Industry News

Horizon Software rebrands to Horizon Trading Solutions

“Horizon Trading Solutions has seen accelerated global growth over the past year to meet the rising demand for our trading solutions and built-for-purpose technology offering. The choice to rebrand represents a key part of this development, while maintaining our heritage and history in the industry.”

Market News

USDJPY has surged to levels last witnessed in 2022. Should we consider opening a short position?

The recent resurgence of the US dollar has propelled USD/JPY to new heights, touching levels not seen since 2022. This surge comes against the backdrop of stable short-term yields and ongoing economic data that fails to signal a significant slowdown, prompting questions about the extent of current monetary easing measures.

Digital Assets

DED Trends on Twitter After Memecoin Snapshot Announcement

Polkadot-backed community coin #DED, made it to the trending charts on X, demonstrating community’s engagement and interest behind the memecoin. 

Digital Assets

BlockDAG Presale Nears $10 Million Amid Toncoin’s Momentum, Green Bitcoin’s Presale, and the Rise of Other Top Cryptos

This article will examine three top trending topics: Toncoin’s potential, Green Bitcoin’s innovative presale, and BlockDAG’s sustainable mining approach. These cryptocurrencies take centre stage for their uniqueness and innovation.

Digital Assets

Coinbase scores minor victory vs SEC, but lawsuit to proceed

A federal judge in Manhattan, U.S. District Judge Katherine Polk Failla, ruled on Wednesday that the U.S. Securities and Exchange Commission’s (SEC) lawsuit against Coinbase can largely proceed.

Web3

COTI Teams Up with Civic for Enhanced Digital Identity Control

СOTI and Civic are teaming up to enhance digital identity security in Web3, aiming to provide users with more control over their digital selves through innovative technology.

Digital Assets

BlockDAG Takes on Chainlink (LINK) Crypto, and RON With DeFi Card and 5000x Profit Potential

Explore BlockDAG’s innovative DeFi card, which transforms cryptocurrency into spendable cash, alongside Chainlink (LINK) crypto and Ronin’s advancements.

Digital Assets

Court finally decides on Sam Bankman-Fried sentence, experts predict 20 years

Sam Bankman-Fried, the former CEO of the now-defunct cryptocurrency exchange FTX, is set to face sentencing on Thursday in a pivotal moment that could see the entrepreneur beginning a lengthy period in federal prison.

Crypto Insider

DeFi Winter Thaws: A Look at the Emerging Landscape

The past year has seen a significant shift in the Decentralized Finance (DeFi) market, transitioning from a period of decline (“DeFi winter”) to a potential season of growth.

<