New York Mandates Reporting of Ransom Payments and Strengthens Cybersecurity Regulations
New York's Department of Financial Services has introduced new regulations requiring banks and other financial institutions to implement governance, reporting, and training measures to enhance their cybersecurity. The rules include a 24-hour deadline for reporting ransom payments made in connection with a ransomware event and a 30-day requirement to explain the reasons behind the payment. Banks must also implement multifactor authentication for employees and customers accessing their information systems. The regulations aim to protect customer data and maintain the integrity of the financial system in response to the increasing number of cyberattacks. The rules harmonize with existing regulations and frameworks and emphasize the role of boards in overseeing cybersecurity risk management. The regulations will be effective from November 1, with certain provisions taking effect at later dates.
- New York now requires banks to report ransom payments American Banker
- Incident Reporting: The Newly Proposed Cybersecurity Requirements | News & Events Clark Hill
- Weekly Update for Government Contractors and Commercial Businesses – November 2023 #2 JD Supra
- NYDFS Finalizes Amendments to Cybersecurity Regulation Impacting Financial Services Companies McDermott Will & Emery
- View Full Coverage on Google News
Reading Insights
0
1
3 min
vs 4 min read
81%
680 → 127 words
Want the full story? Read the original article
Read on American Banker