NYDFS Issues Frontier AI Advisory and Guidance for Heightened Cyber Threat Environment
-
Advisories October 24, 2024Privacy, Cyber & Data Strategy Advisory: NYDFS Issues Guidance on Artificial-Intelligence-Related Cybersecurity Risks
Our Privacy, Cyber & Data Strategy Team explores new guidance from the New York Department of Financial Services for covered entities to combat what it considers the most pressing cybersecurity risks of artificial intelligence (AI).
-
Advisories April 9, 2024Privacy, Cyber & Data Strategy / Securities Litigation Advisory: Board Oversight and Cyber Breach Response: What Involvement Strikes the Right Balance?New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant cybersecurity incident? Members of our Privacy, Cyber & Data Strategy Team and our Securities Litigation Group weigh in.
-
Advisories November 9, 2023Privacy, Cyber & Data Strategy / Privacy & Cybersecurity Litigation Advisory: NYDFS Finalizes Second Amendment to Its Cybersecurity RegulationOur Privacy, Cyber & Data Strategy and Privacy & Cybersecurity Litigation teams examine the New York Department of Financial Services’ finalized Second Amendment to its Cybersecurity Regulation.
-
Blog Posts March 11, 2021NYDFS Reports Major Cybersecurity Settlement
In early March, the New York Department of Financial Services (NYDFS) announced a settlement involving a $1.5M penalty and mandatory remediation in response to a mortgage lender’s alleged failure to report a cyber breach, and other alleged cybersecurity failures. This enforcement action marks the second public enforcement action under 23 NYCRR Part 500 (the “Cybersecurity Regulation”) (see […]
The post NYDFS Reports Major Cybersecurity Settlement appeared first on Alston & Bird Consumer Finance ABstract.
-
Blog Posts December 22, 2025NYDFS Releases New Prescriptive FAQs on MFA
The New York Department of Financial Services (NYDFS) has released a new set of Frequently Asked Questions (FAQs 18–23) under 23 NYCRR Part 500, reinforcing its position that multifactor authentication (MFA) remains a critical component of a covered entity’s cybersecurity program. These FAQs provide highly prescriptive guidance, including clarifications on technical requirements for the “possession” […]
The post NYDFS Releases New Prescriptive FAQs on MFA appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.



