Advocacy; Industry News; Cyber

Changes Are Coming To the Cybersecurity Regulation

You may have received an email message from DFS announcing the proposed changes. That message informed recipients that they may provide comments to the department between now and Jan. 9, 2023.The 20-page proposal closely resembles a pre-proposal draft DFS published last July. Big I New York provided comments to the department in response, and DFS appears to have taken some of our comments into consideration as they wrote the formal proposed amendments.Many of the amendments are targeted toward larger “covered entities” (the regulation’s term for any person or organization licensed under the state’s banking, financial services or insurance laws,) such as insurance carriers and banks.…

Continue ReadingChanges Are Coming To the Cybersecurity Regulation

DFS Appoints Deputy Superintendent of New Cybersecurity Division

Acting DFS Superintendent Linda Lacewell has appointed Justin Herring as Executive Deputy Superintendent of the Department’s newly created Cybersecurity Division. The new Cybersecurity Division will enforce the Department’s cybersecurity regulations, advise on cybersecurity examinations, issue guidance on DFS’s cybersecurity regulations, and conduct cyber-related investigations in coordination with the Consumer Protection and Financial Enforcement Division. Herring also serves as Chief of the U.S. Attorney’s Office of New Jersey’s Cyber Crimes Unit, supervising all cybercrime cases in the District of New Jersey​. This is the latest indication that the Department intends to aggressively enforce the state's cybersecurity regulation, which applies to all entities licensed by the  DFS. As a reminder, Big I NY members…

Continue ReadingDFS Appoints Deputy Superintendent of New Cybersecurity Division

How to File Your Annual Certification of Compliance if You Are an LLC

If you are a Limited Liability Company (LLC) you will be interested in this. Several Big I New York members reached out to find out how they should complete the annual Certification of Compliance required by the NY cyber regulation 23 NYCRR 500. We want to let you know about a clarification we received from the Department of Financial Services (DFS) specific to LLCs.​ When filing your annual Certification of Compliance with the DFS as required by the cybersecurity regulation you are asked to report who reviewed the Certification of Compliance – the Board of Directors or Senior Officer(s).  Since an LLC typically does not…

Continue ReadingHow to File Your Annual Certification of Compliance if You Are an LLC