Cybersecurity Law Report | Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws | News & Insights

Blog Posts April 18, 2025

2025 State Cybersecurity Legislation Focuses on Financial Services

Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the first state regulation to enumerate, in great detail, the elements of a cybersecurity program that a covered financial service company […]

The post 2025 State Cybersecurity Legislation Focuses on Financial Services appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Advisories April 16, 2025

Privacy, Cyber & Data Strategy Advisory | Cybersecurity Controls: What Do Regulators Expect Nowadays?

Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares practical tips for companies navigating this rapidly evolving territory.

Advisories January 16, 2025

Privacy, Cyber & Data Strategy / Immigration Advisory | North Korean IT Remote Worker Fraud Scheme Data Security and Employment Law Impact

The recent indictment of 14 North Korean nationals for fraudulently obtaining remote IT jobs with U.S.-based companies underscores the importance of vigilant hiring practices. Our Privacy, Cyber & Data Strategy and Immigration teams offer actionable steps businesses can take to avoid worker fraud schemes while complying with federal and state antidiscrimination laws.

Advisories October 24, 2024

Privacy, Cyber & Data Strategy Advisory: NYDFS Issues Guidance on Artificial-Intelligence-Related Cybersecurity Risks

Our Privacy, Cyber & Data Strategy Team explores new guidance from the New York Department of Financial Services for covered entities to combat what it considers the most pressing cybersecurity risks of artificial intelligence (AI).

Blog Posts October 17, 2024

NYDFS Issues Guidance on Artificial Intelligence-related Cybersecurity Risks

On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued an industry letter covering Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Industry Letter”). The Industry Letter contains guidance for entities regulated by NYDFS (“Covered Entities”) in assessing and responding to cybersecurity risks related to the use […]

The post NYDFS Issues Guidance on Artificial Intelligence-related Cybersecurity Risks appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.