NYDFS Penalizes bitFlyer $1.2 Million for Violations to Cybersecurity Regulation | News & Insights

Blog Posts October 25, 2022

NYDFS Announces Significant Cybersecurity Settlement with EyeMed Vision Care

On October 18, 2022, EyeMed Vision Care LLC (“EyeMed”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) relating to a cybersecurity event from 2020 that exposed consumer nonpublic information (“NPI”) to an unauthorized individual. EyeMed agreed to pay DFS a $4.5 million penalty, in addition to implementing mandatory remediation […]

The post NYDFS Announces Significant Cybersecurity Settlement with EyeMed Vision Care appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Blog Posts July 11, 2023

NY DFS Releases Revised Proposed Second Amendment of its Cybersecurity Regulation

The New York Department of Financial Services (“NY DFS”) published an updated proposed Second Amendment to its Cybersecurity Regulation (23 NYCRR Part 500) in the New York State Register on June 28, 2023, updating its previous proposed Second Amendment, which was published November 9, 2022. While the language proposed is largely similar to the previous […]

The post NY DFS Releases Revised Proposed Second Amendment of its Cybersecurity Regulation appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Blog Posts November 18, 2022

NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment

The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022. DFS issued a minor amendment on April 2, 2020, revising the certification of compliance date (from February to April). The Proposed Second Amendment follows DFS’s “pre-proposed” draft […]

The post NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Blog Posts April 29, 2021

NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses

Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of active exploitation of DFS-regulated companies […]

The post NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Cyber Alert March 8, 2017

Cyber Alert: NY Governor Cuomo Announces Final NYDFS Cybersecurity Regulations

Complying with existing federal cybersecurity regulations won’t be enough to satisfy New York’s first-in-the-nation, uniquely prescriptive rules. Our Cybersecurity Preparedness & Response Team explores the implications of this game-changing development for anyone falling under the NY Department of Financial Services’ purview.