The New York Financial Department of Services provided details related to potential cybersecurity regulations for banks and insurance companies under its jurisdiction. The measures include requiring that firms appoint a chief information security officer and adopt a multi-stepped process for allowing employees and customers to log into their systems. If adopted, the regulations would require firms to adopt written cybersecurity policies and procedures in 12 areas, including customer data privacy and network security. Firms would also have to develop policies to require that outside service providers also keep data secure.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.