NYC’s cyber security rules raise concern

Author: Amélie Labbé | Published: 23 Nov 2016

New York state’s proposed cyber security regulation for financial services companies is by far the most comprehensive set of digital security rules in the US. It has been met with scepticism by some though.

The Department of Financial Services (DFS), which under head Benjamin Lawsky has made cyber security a priority, introduced proposed rules in late September to tighten digital security among the state’s many financial services companies. The consultation over those proposed rules is ongoing.

Strict rules 

These rules include the requirement for any licenced entity in the state to appoint a chief information security officer, and put in place measures to protect against cyber attacks.

The organisation will also have to implement a cyber security policy detailing measures in place – the proposed regulation also envisages the launch in 2018 of a so-called certification document signed by the board and submitted to the DFS. 

The...