From: Insurance Journal
By Ebba Blitz
This year, the beginning of September marked a critical implementation deadline for some of the toughest new cybersecurity regulations in the country – the New York State Department of Financial Services (NYDFS) 23NYCRR 500. This set of regulations mandates that businesses supervised by the NYDFS – including banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies – protect consumers and trading partners from cyber attacks and data breaches.
This is because New York, arguably the pre- and post-Brexit financial center of the world, is implementing these regulations as a “direct response to the increasing number of cyber attacks on insurers and financial institutions,” observes the Harvard Law School Forum on Corporate Governance and Financial Regulation. Cyber attack examples include the 2015 attack on Anthem Inc., in which 78 million unencrypted records containing personal information were stolen, and the 2016 cyber attack on the central bank of Bangladesh, in which stolen SWIFT banking credentials and malware were used to illegally transfer $81 million of funds held at the Federal Reserve Bank of New York.
Leave a Reply