"Guidelines for Cybersecurity Will Impact
Banks, Insurers," Daily Report

January 3, 2017
David F. Katz , Elizabeth K. Hinson


In an article published on Dec. 27, 2016 in the Daily Report, Nelson Mullins attorneys David Katz and Bess Hinson provide insight on how the New York State Department of Financial Services' (NYDFS) expansion of regulation into cybersecurity risk management will impact banks and insurers. Most important, New York sets precedent as the first state in the nation to require its financial institutions to establish and maintain a cybersecurity program. Other states are likely to follow suit as consumers and legislators become increasingly focused on the integrity of the financial services industry following high-profile attacks, explains Mr. Katz and Ms. Hinson. The rules require covered companies to establish a cybersecurity program, adopt a cybersecurity policy, designate a chief information security officer (CISO), ensure the security of nonpublic information held by third parties, as well as conduct annual penetration testing and vulnerability assessments and train personnel on cybersecurity, among other requirements. For the full article, subscribers to the Daily Report may click here.