Insights & Publications
© 2018 Debevoise & Plimpton LLP
New York Eases Proposed Cybersecurity Regulation for Financial Sector, But Practical Issues Remain
3 January 2017
View Client Update
The New York Department of Financial Services has issued a second-round draft of its proposed cybersecurity regulation, subject to a new notice and comment period and now slated to go into effect on March 1, 2017.
The new draft makes modest but meaningful changes towards a more risk-based and less prescriptive approach, maintaining the same broad range of cybersecurity requirements but building in some flexibility within most sections in response to industry comments.
Covered Entities will now have somewhat more latitude to design and execute a cybersecurity program based on risk assessments of their own circumstances, including greater flexibility with respect to the use of encryption, the supervision of third-party service providers, the reporting of cyber incidents to DFS, and the schedule for compliance with the regulation.
Cybersecurity & Data Privacy
White Collar & Regulatory Defense
European Funds Comment: Marketing Private Funds in Europe May be About to Get Even Harder
President Trump Bars Broadcom’s Proposed Takeover of Qualcomm
First French DPAs for Corruption Offences
Compliance & Enforcement
Bipartisan Consensus Emerges on Bank Regulatory Relief
The Banking Law Journal
UK Modern Slavery Act Transparency Statement
Debevoise Women's Review