Ask Tim; Cyber

​Entities that the New York State Department of Financial Services (DFS) will soon complete the compliance filings that the financial services cybersecurity regulation requires. This year they will notice a change. The DFS regulates entities in the banking, financial services, and insurance sectors. These entities must submit a statement by April 15 each year about the state of their compliance with the regulation's requirements. Before this year, they had to submit a statement that they were complying with them during the prior calendar year. An amendment to the regulation that took effect last November 1 expanded that requirement. Entities will have to complete and submit…

​With the New York State Department of Financial Services' (DFS) recent adoption of the second amendment to the Cybersecurity Requirements For Financial Services Companies regulation​, members have naturally been contacting us to ask what they're required to do. The overwhelming majority of Big I NY members qualify for the limited exemption. If you're agency is one of them, here are the sections of the regulation you must comply with regardless of your agency's size:Section 500.2, Cybersecurity Program - you must have a program in place to protect your computer network and any nonpublic information (NPI) stored on it. The program is made up of the devices…

​As we reported yesterday​, the New York State Department of Financial Services has adopted its long-planned amendments to its Cybersecurity Requirements for Financial Services Companies regulation. We have prepared a summary of the changes in order of the dates when compliance is required. We plan to provide videos and other media to further explain the changes. Also, watch for your cha​nce to register for a special Gear Up presentation on the amendments later this month. Download the Summary Read the Text of the Amendments​Source