NYDFS Proposes Significant Changes to Its Cybersecurity Rules (Part 2) – Answers to the Top 10 Questions from Our Webcast

8 August 2022
View Debevoise In Depth
Key takeaways:
  • On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Part 500 Cybersecurity Rules.
  • We provided our initial thoughts on the Draft Amendments in a blog post last week, and then had a webcast on August 5, 2022, during which we received dozens of questions, some of which we did not have time to answer.
  • In this update, we answer some of the questions we received in connection with our webcast and our initial blog post, which discussed the six categories of changes to the NYDFS’s Part 500 Cybersecurity Rules: Obligations for Larger (Class A) Companies, Governance, Risk Assessments, Technical Requirements, Notification Obligations, and Penalties . . . continue reading