New York regulators assigned heightened cybersecurity requirements to banks, insurers, and financial services providers based in the state with the release of finalized rule amendments Wednesday.
Covered entities will have to use multifactor authentication, expand cybersecurity governance duties, and conduct consistent threat testing under the regulation updated by the New York Department of Financial Services.
The New York agency is a national leader in cybersecurity regulation, with other state and federal regulators adopting its approach—the Federal Trade Commission notably said its newest breach reporting standards were “based primarily” on rules first established in New York.
The changes to the New ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.