Cybersecurity Law Report | Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws | News & Insights

Advisories April 9, 2024

Privacy, Cyber & Data Strategy / Securities Litigation Advisory: Board Oversight and Cyber Breach Response: What Involvement Strikes the Right Balance?

New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant cybersecurity incident? Members of our Privacy, Cyber & Data Strategy Team and our Securities Litigation Group weigh in.

Blog Posts January 30, 2024

New York DFS to Impose Climate Change Safety and Soundness Expectations on Mortgage Lenders, Servicers, and other Regulated Organizations

What Happened? On December 21, 2023, the New York Department of Financial Services (“NYDFS”) published an 18-page guidance document (the “Guidance”) on managing material, financial and operational risks due to climate change. The NYDFS issued the Guidance after considering feedback it received on proposed guidance it issued in December 2022 on the same topic. The Guidance […]

The post New York DFS to Impose Climate Change Safety and Soundness Expectations on Mortgage Lenders, Servicers, and other Regulated Organizations appeared first on Alston & Bird Consumer Finance ABstract.

Blog Posts January 9, 2024

Consumer Finance ABstract 2023 Year-End Reprise

As we reflect on the previous year and look toward the new year, we thought you’d appreciate our top 20 most-read Consumer Finance ABstract posts from 2023...

Blog Posts December 18, 2023

NYDFS Releases Consent Order in First Enforcement Action Brought Under the Cybersecurity Regulations

After a three-year investigation/enforcement action by the New York Department of Financial Services (“NYDFS”), NYDFS entered into a Consent Order with a large title insurer (the “Company”) for its violation of NYDFS’s Cybersecurity Regulation (23 NYCRR Part 500) (the “Regulation”), specifically, its failure to protect non-public information (“NPI”). NYDFS originally brought the enforcement action in […]

The post NYDFS Releases Consent Order in First Enforcement Action Brought Under the Cybersecurity Regulations appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Blog Posts November 14, 2023

NYDFS Finalizes Second Amendment to Its Cybersecurity Regulation

On November 1, 2023, the New York Department of Financial Services (NYDFS) published the finalized Second Amendment to its Cybersecurity Regulation (23 NYCRR Part 500), which includes a number of significant and, for many covered entities, onerous changes to its original regulation. The finalized Second Amendment is much like the June 2023 proposed draft (which […]

The post NYDFS Finalizes Second Amendment to Its Cybersecurity Regulation appeared first on Alston & Bird Consumer Finance ABstract.