New York DFS Cybersecurity Rules Take Effect March 1

New York’s 23 NYCRR 500 Cybersecurity rule goes into effect on March 1, 2017 requiring banks and other financial services companies to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of the state’s financial services industry.

Social Engineering & Ransomware

If you were asked to describe a hacker, what image comes to mind? If you’re like most, you are probably picturing unintelligible text flying across a monitor as young men in black hoodies attempt to break into networks, engaging in a very technical dance and speaking in terms the average layperson would not understand.

SEC: Prioritizing Cybersecurity

The SEC has expanded its cybersecurity examinations to include testing of firms’ implementation of procedures and controls

Encrypted? So What, Says Tennessee

In a first for the country’s growing body of state breach notification laws, Tennessee has recently amended its law to require notification even if the information subject to a breach was encrypted, and regardless of whether the encryption key itself … Read more

Cybersecurity: Time’s Up!

For some attacks, the amount of time to compromise and exfiltrate data is measured in seconds. Time is of the essence when a potential incident occurs.

Corporate Responsibility For Cybersecurity

Introduction Financial services are target No. 1. That was confirmed in a 2014 SEC cybersecurity roundtable when Larry Zelvin, then a top cybersecurity official of the U.S. Department of Homeland Security, laid out the agency’s rankings of the nation’s most … Read more