Search Results for: NYDFS

Rhode Island’s New Cybersecurity Law for Nonbank Financial Institutions

August 22, 2025 By Kim Peretti, Alysa Austin, Ashley Miller and Lance Taubin

Rhode Island has enacted Senate Bill 603 (SB603), effective July 2, 2025, establishing a comprehensive cybersecurity framework for nonbank financial institutions licensed by the state’s Department of Business Regulation (DBR). Although SB603 is closely modeled after the New York Department of Financial Services’ (NYDFS) Cybersecurity Regulation, 23 NYCRR Part 500 (Part 500), SB603 introduces several […]

FTC Announces Proposed Settlement with GoDaddy Incorporating Prescriptive Cybersecurity Requirements

January 21, 2025 By Kim Peretti, Lance Taubin and Carson Kuck

On January 15, 2025, the Federal Trade Commission (FTC) announced a proposed settlement with GoDaddy Inc. (GoDaddy) for making false or misleading representations about their security practices in violation of Section 5 of the FTC Act. GoDaddy, a website hosting company, serves approximately 5 million customers. In the complaint, the FTC indicated that although GoDaddy […]

Combatting the New Insider Threat: North Korean IT Workers Posing as Remote Employees

November 6, 2024 By Kim Peretti and Zain Haq

The New York Department of Financial Services issued a cybersecurity advisory on November 1, 2024, regarding a growing threat posed by North Korean operatives seeking remote IT roles at U.S. companies. These operatives secure jobs at prominent companies, generate revenue for the regime, and have the potential to expose sensitive corporate data. These highly sophisticated […]

NY DFS Releases Revised Proposed Second Amendment of its Cybersecurity Regulation

July 11, 2023 By Kim Peretti, Kate Hanniford, Ashley Miller and Lance Taubin

The New York Department of Financial Services (“NY DFS”) published an updated proposed Second Amendment to its Cybersecurity Regulation (23 NYCRR Part 500) in the New York State Register on June 28, 2023, updating its previous proposed Second Amendment, which was published November 9, 2022. While the language proposed is largely similar to the previous […]

FTC Revises the Safeguards Rule and Proposes Mandatory Reporting of Cybersecurity Events

November 1, 2021 By Kathleen Benway, Kim Peretti and Kate Hanniford

On October 27, 2021, the FTC released its much-anticipated final revisions to the Gramm-Leach-Bliley Safeguards Rule (Safeguards Rule or Final Rule), following a 3-2 vote along party lines and also released a notice of proposed rulemaking that would require reporting to the FTC of certain cybersecurity events. Revisions to the Safeguards Rule Effective since 2003, […]