Forward Vision: New York’s Cybersecurity Regulation Imposes a Series of Deadlines

Best's Review
November 2017

Ted Augustinos, a member of the steering committee of the Privacy & Cybersecurity Practice Group of Locke Lord and Office Managing Partner of the Firm’s Hartford office, authored an article on the New York Department of Financial Services (NY DFS) cybersecurity regulations that went into effect in March 2017. Augustinos provided vital insight on the new requirements of two upcoming transition dates on March 1, 2018 and Sept. 3, 2018.

According to Augustinos, by the next transition date, “each covered entity will be required to complete its first risk assessment under written policies and procedures and document its findings” as well as fulfill requirements including multifactor or risk-based authentication and cybersecurity awareness training. In September, the requirements “include limitations on data retention, which applies to all covered entities.”

Finally, Augustinos notes that we should expect similar requirements to the NY DFS cybersecurity regulations to be imposed in other jurisdictions with state-specific mandates. 

To read the full article, click here.

Best's Review: November 2017
Copyrighted A.M. Best Company, Inc. 2017
All Rights Reserved, Reprinted with Permission