- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Aaron Nicodemus2024-05-14T16:59:00
The New York State Department of Financial Services (NYDFS) issued guidance for small businesses attempting to comply with its cybersecurity regulations.
New York has had rules for financial institutions regarding cybersecurity in place since 2017. The state issued amended rules in 2023 that require financial institutions to conduct risk assessments more often and improve governance.
Under the amended rules, “[C]overed entities must maintain a cybersecurity program designed to identify and assess cybersecurity risks; protect nonpublic information (such as confidential customer information or sensitive business information) and the computers, phones, and other electronic devices storing such information from unauthorized access and other malicious acts; detect, respond, and recover from cybersecurity events; and comply with applicable regulatory reporting obligations,” the NYDFS said Monday in a guidance letter.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
A business communications and marketing services company agreed to pay more than $2 million to settle charges levied by the Securities and Exchange Commission over cybersecurity-related control violations.
Guidehouse and Nan McKay and Associates will pay a total of $11.3 million to the Department of Justice (DOJ) to settle allegations that cybersecurity failures led to the theft of client personal information during the height of the COVID-19 pandemic.
The Environmental Protection Agency is increasing its inspections of public drinking water systems after finding a majority of those reviewed were vulnerable to cyberattacks and related threats.
The U.S. Supreme Court extended the statute of limitations for businesses attempting to challenge some federal regulations, allowing regulated entities a longer timeline to appeal a decision.
The Supreme Court of the United States overturned a long-held precedent in which courts deferred to federal agencies in interpreting complex or ambiguous regulations–a decision that could make thousands of federal regulations more vulnerable to legal challenges.
Financial institutions would be required to conduct more thorough risk assessments on their anti-money laundering/countering the financing of terrorism programs under a new rule proposed by the Treasury Department’s Financial Crimes Enforcement Network.
