In this month’s edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services’ issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit’s ruling denying standing on the basis of the possibility of future identity theft and NIST’s guidance regarding its cybersecurity and technology goals for 2021 and the future.
New York Department of Financial Services Issues First-of-Its-Kind Cyber Insurance Risk Framework
Eleventh Circuit Holds Future Risk of Identity Theft in Data Breach Suit Does Not Establish Standing
NIST Releases Its Cybersecurity and Privacy Priorities for 2021 and Beyond
New York Department of Financial Services Issues First-of-Its-Kind Cyber Insurance Risk Framework
On February 4, 2021, the New York Department of Financial Services (DFS) issued Circular Letter No. 2, which introduced a Cyber Insurance Risk Framework directed to New York-regulated property/casualty insurers that outlines best practices for managing cyber insurance risk. The framework is the first-ever guidance by a U.S. regulator on cyber insurance.
Background
In its introduction to the framework, DFS noted that as…
