New York state would be the first in the United States to implement its own set of cyber security regulations for financial services providers under proposed regulations presented last week.
Applicable to any company registered by the New York State Department of Financial Services, the regulations will require banks, insurance companies and other financial institutions to establish a cyber security program and appoint a chief information security officer. The state claims that the regulations are designed to protect consumers and ensure the safety and soundness of the financial services industry.
“New Yorkers must be confident that the banks, insurance companies and the other financial institutions that they rely on are securely handling and establishing necessary protocols that ensure the security and privacy of their sensitive personal information,” New York Financial Services Superintendent Maria T. Vullo said in a statement. “This updated proposal allows an appropriate period of time for regulated entities to review the rule before it becomes final and make certain that their systems can effectively and efficiently meet the risks associated with cyber threats.”
According to The Wall Street Journal, the regulations provide financial firms more flexibility than previous drafts, including allowing firms to report cyber attacks within 72 hours of determining that a breach happened, instead of having 72 hours from the time of the actual breach. The regulations also require firms to undertake periodic risk assessments of their cyber security programs, encrypt non-public information, and develop an incident response plan.
“It’s clear that New York State took the public’s concerns seriously, and in doing so, created a much stronger and more effective set of regulations that will protect both consumers and the banks themselves — without imposing needlessly burdensome or costly requirements,” Tanium Chief Security Officer David Damato told Financial Magnates. “They’ve gotten rid of the one-size-fits-all approach that hampered the original regulations by recognizing that each bank should tie their cybersecurity approach to their individual risk assessment. The State has also recognized that reporting every single incident — even unsuccessful ones — would have been unfeasible for large banks that see thousands of attempted intrusions every day.”
Implementation of the regulations has been pushed back to Mar. 1 after initially being proposed for this month, with financial institutions being given six months to comply.