Coming to a State Near You… 

The nation’s first state-mandated Cybersecurity requirements for financial services companies went into effect in New York on March 1. Financial organizations, including banks and insurance companies, will be required to maintain cybersecurity programs. The rules will be phased in over the next two years. Most of the organizations now have 180 days to develop incident response plans and training programs. By March 1, 2018, the companies will also have to have established pen testing, risk assessment, and multifactor authentication practices. Some smaller companies are exempt from certain requirements.
As you would expect, there was mixed reaction. Security professionals praised the effort, trade organizations criticized the new law as being too costly and possibly conflicting with other authorities such as the Fed, OCC, and FFIEC.



Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!


If you have questions, call us at 612-326-3610. Feel free to pin or share about us on social media, too!