Changes to New York’s cybersecurity rules due to be in place January 1, 2017 have now been delayed. The regulations, which impact banks and insurance companies, will now come into effect March 1, 2017. The news was announced by
The New York State Department of Financial Services (DFS) and comes as banks and insurance companies have requested an extension of the deadline.
Announced in September 2016, the regulations impact issues such as encryption of nonpublic information and third-party service providers. The extension of the deadline comes amidst reports that representatives of banks and insurance companies were particularly seeking clarification of how the regulations should impact organizations of a range of sizes. The revised regulations are reported to be more flexible, giving companies a full 24 months to comply with revisions. The impact of New York’s cybersecurity rules will be scrutinized by other US states.
“New Yorkers must be confident that the banks, insurance companies and the other financial institutions that they rely on are securely handling and establishing necessary protocols that ensure the security and privacy of their sensitive personal information,” explained a Superintendent at the DFS, Maria Vullo in a press release. “This updated proposal allows an appropriate period of time for regulated entities to review the rule before it becomes final and make certain that their systems can effectively and efficiently meet the risks associated with cyber threats.”
Have you been impacted by the new regulations? Let us know the details. Add your comments below.
