Companies are bracing for a new era of enforcement as New York, the most active state regulator on cyber, rolls out its last set of security requirements Nov. 1.
The final amendments to the New York State Department of Financial Services’ Cybersecurity Regulation require companies to implement authentication controls and maintain a complete inventory of their systems. The deadline marks the end of a two-year phase-in schedule of updates to the state’s 2017 cybersecurity rules, which established cyber requirements for financial, banking, and insurance entities operating in New York.
Since November 2023, mandates on reporting ransomware payments, reviewing risk assessments, ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.