NY DFS Cybersecurity Regulations Delayed Several Months: We hate to say we told you so … but we will anyway.

According to an article in Reuters —  Exclusive: NY Financial Regulator to Delay Cyber Security Rules, the New York State Department of Financial Services is going to publish an updated version of its cybersecurity rules by the end of December and then delay implementation until March 1, 2017, after the public review period has concluded.

It would appear that someone in Albany is reading our blog (well possibly not, but we occasionally enjoy feeling self-important) and based on our analysis has decided to postpone the implementation of the NY DFS Cybersecurity Regulations which we (and countless others) blasted in the following posts: Proposed Department of Financial Services Regulations (“DFS”), “N.Y. Regulators Consider Cybersecurity Requirements for Banks and Insurers”, “New York: Proposed Regulations for Cybersecurity come up Short”, and Opinion: Proposed NY Cybersecurity Regulations — Not Great but better than nothing?  This topic was also covered by Judith Germano’s article —  Proposed NY Cybersecurity Regulation:  A Giant Leap backward? which appeared in Forbes.

Hopefully, this will give lawmakers in Albany as well as legislators across the nation ample time to consider the model cybersecurity framework that is currently being developed by a task force of U.S. state insurance regulators, according to the article. Or perhaps they will turn to the National Institute of Standards and Technology (“NIST”) which has put some effort into building cybersecurity frameworks. Certainly, the last thing we need are more knee-jerk feel-good reactions to cybersecurity which do nothing to tackle the real issues and are akin to a band-aid approach where perhaps surgery is the wiser course of action.

So Happy Holidays to the Banks and Insurers within NY; hopefully this last-minute reprieve is followed by a common-sense holistic approach to cybersecurity hygiene and not simply more political rhetoric.  Let’s be very clear on this, cybersecurity is an extremely important issue facing the public-sector, the private-sector, as well as individuals.  We need action but first we need an overall strategy to ensure that the tactics developed provide a complete and comprehensive framework and aren’t just a patchwork cobbled together by individual regulatory fiefdoms.


Tags: ,


Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Christopher w. FolkChristopher W. Folk

is a second year student at SU College of Law. Christopher is a non-traditional student, returning to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering and in addition to being a full-time student, Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Ryan D. White

Ryan D. WhiteRyan is currently a second year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic.Full biography

Anna Maria Castillo

is a third year law student at Syracuse College of Law. She is also pursuing a Master of Arts in International Relations at Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She currently serves as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a third year student at Syracuse College of Law. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She is a member of the Syracuse National Trial Team and was recently awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She has served as a law clerk in the United States Attorney's Office for the Western District of New York and the Public Defender Service for the District of Columbia and as an extern in the United States District Court for the Western District of Washington. Full biography

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography