A press release issued by the New York Department of Financial Services on January 22, 2018 found here reminds Covered Entities (including banks, insurers and producers, and others regulated by DFS) of their obligation to file a compliance certificate under the new, New York DFS Cybersecurity Regulation on February 15, 2018.
According to the press release, cybersecurity will now be incorporated in all examinations, and DFS has added cybersecurity questions to “first day letters,” sent by DFS at the beginning of financial services company examinations, including safety and soundness and market conduct exams. According to the Superintendent, “DFS’s goal is to prevent cybersecurity attacks, and we therefore will now include cybersecurity in all DFS examinations to ensure that proper cybersecurity governance is being practiced by our regulated entities. As DFS continues to implement its landmark cybersecurity regulation, we will take proactive steps to protect our financial services industry from cyber criminals.”