New York First in Nation to Implement Statewide Cybersecurity Regulation for Financial Services Industry
One point five million dollars. That’s how much it’s going to cost an independent mortgage lender after New York’s Department of Financial Services determined the company violated a lesser-known cybersecurity mandate known as the state’s Cybersecurity Regulation.
What is the Financial Services Cybersecurity Regulation?
New York is the first state in the nation to successfully pass and implement a statewide Cybersecurity Regulation designed to protect consumers and the financial services industry from data breaches and cyber-attacks. The rule, 23 CRR-NY 500.0 NY-CRR, went into effect on Aug. 29, 2017, and the state’s Department of Financial Services (DFS) oversees it.
Similar to the effect of GDPR on organizations that handle sensitive and protected data for European Union (EU) residents, regardless of organization location, New York’s Cybersecurity Regulation applies to DFS-regulated organizations authorized to do business in the state through its banking law, financial services law, or insurance law—regardless of the organization’s headquarters’ location….
