New York Department of Financial Services Issues Updated Proposed Cybersecurity RegulationOn December 28, 2016, the New York State Department of Financial Services (“DFS“) announced that it has updated its proposed first‑in‑the‑nation cybersecurity regulation. The proposed regulation, which will be effective March 1, 2017, will require banks, insurance companies and other financial services institutions regulated by DFS to adopt a cybersecurity program by assessing its specific risk profile and designing a program to address these risks accordingly.

According to the DFS, “This updated proposal allows an appropriate period of time for regulated entities to review the rule before it becomes final and make certain that their systems can effectively and efficiently meet the risks associated with cyber threats.”