- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-11-03T10:03:00
New York will require financial institutions to conduct risk assessments more often and improve governance under a broad update to the state’s cybersecurity regulations.
The final amended rules are intended to improve risk mitigation and enhance cyber governance within the financial sector, said Gov. Kathy Hochul on Wednesday. The update amends the state’s 2017 cybersecurity regulations, which are enforced by the New York State Department of Financial Services (NYDFS).
The NYDFS will explain the amendments to businesses through a series of seminars, Hochul said.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
The New York State Department of Financial Services issued guidance for small businesses attempting to comply with its cybersecurity regulations.
The New York State Department of Financial Services issued guidance to regulated banking and lending institutions on managing material financial and operational risks related to climate change.
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
