Today, the New York Department of Financial Services (DFS) released a revised version of the proposed cybersecurity regulations that it first issued in September. According to a press release issued by DFS Superintendent Vullo, the new version of the proposed rules will be finalized following a 30-day notice and public comment period. Among the most […]
Cybersecurity
Center for Cyber & Homeland Security Issues Report on How the Private Sector Can Actively Defend Against Cyber Threats
Earlier this year, the Center for Cyber & Homeland Security at the George Washington University (“Center”) announced a new project on active defense against cyber threats. The Center established a high-level task force to examine these issues. The task force included prominent cybersecurity and industry experts, including Alston & Bird partner Michael Zweiback. The Task Force […]
Bank Regulators Issue Advanced Notice of Proposed Rulemaking on Cyber Risk Governance and Management Regulations
More regulators (apart from the FTC) are now taking note of cybersecurity issues in the financial services industry and are taking steps to protect the industry and its consumers. Earlier this year, the Consumer Financial Protection Bureau (“CFPB”) issued its first enforcement action on data security against an online payment system. In June, the Federal […]
New York State Financial Services Regulator Issues Proposed Cybersecurity Regulations
On September 13, 2016, Governor Andrew Cuomo announced the issuance of proposed “first-in-the-nation” cybersecurity regulations for entities regulated by the New York Department of Financial Services (DFS), including jurisdictional banks, insurance companies, and other financial institutions. The proposed regulation will be subject to a 45-day comment period prior to being issued as a final rule. […]
Report Suggests Organizations Still Vulnerable to Credential Management and Network Segmentation Attacks
The Multi-State Information Sharing and Analysis Center (MS-ISAC) published its 2016 mid-year review on August 22, 2016, highlighting large incidents of malware infections, with particular emphasis on ransomware and click fraud malware. In contrast to the MS-ISAC report, however, an August 2016 report suggests most organizations would benefit from addressing issues of credential management and […]