Cybersecurity Law Report | Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws | News & Insights

Blog Posts May 1, 2025

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today

Today, on May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take effect. Although the Second Amendment was originally adopted in November of 2023, NYDFS established a multi-year rollout of the Second Amendment’s requirements, […]

The post Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Blog Posts April 18, 2025

2025 State Cybersecurity Legislation Focuses on Financial Services

Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the first state regulation to enumerate, in great detail, the elements of a cybersecurity program that a covered financial service company […]

The post 2025 State Cybersecurity Legislation Focuses on Financial Services appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Advisories April 16, 2025

Privacy, Cyber & Data Strategy Advisory | Cybersecurity Controls: What Do Regulators Expect Nowadays?

Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares practical tips for companies navigating this rapidly evolving territory.

Advisories January 16, 2025

Privacy, Cyber & Data Strategy / Immigration Advisory | North Korean IT Remote Worker Fraud Scheme Data Security and Employment Law Impact

The recent indictment of 14 North Korean nationals for fraudulently obtaining remote IT jobs with U.S.-based companies underscores the importance of vigilant hiring practices. Our Privacy, Cyber & Data Strategy and Immigration teams offer actionable steps businesses can take to avoid worker fraud schemes while complying with federal and state antidiscrimination laws.

Advisories October 24, 2024

Privacy, Cyber & Data Strategy Advisory: NYDFS Issues Guidance on Artificial-Intelligence-Related Cybersecurity Risks

Our Privacy, Cyber & Data Strategy Team explores new guidance from the New York Department of Financial Services for covered entities to combat what it considers the most pressing cybersecurity risks of artificial intelligence (AI).