The latest proposals refine requirements for covered entities in financial services, including establishing a chief information security officer to oversee cybersecurity.
08/29/2023 3:10 P.M.
1 minute read
The New York Department of Financial Services (NYDFS) is reviewing amendments to its cybersecurity requirements for financial services companies.
NYDFS proposed an updated cybersecurity regulation last year and these amendments are based on comments from stakeholders.
The original regulation, introduced in 2017, established a regulatory model that is now used by both federal and state financial regulators. The department has taken a data-driven approach to amending regulation to ensure that regulated entities address new and increasing cybersecurity threats with the most effective controls and best practices to protect consumers and businesses, ACA International previously reported.
The proposed amendments include new requirements and definitions of a chief information security officer (CISO) and requirements for “Class A companies,” which include covered entities with at least $20 million in gross annual revenue.
Read a complete summary (PDF) from the NYDFS here.
Remember, subscribe to ACA Daily and Member Alerts under your My ACA profile when logged in to acainternational.org to receive updates on the ACA Huddle.