Huge Percentage of Licensees will not meet NY Cybersecurity Timeline

New York DFS Cyber Compliance Nightmare? New survey reports less than half of financial firms will meet deadline, JDSupra (June 16, 2017)

An article in JD Supra reported on June 16 that a survey conducted by the Ponemon Institute found that less than half of the financial institutions required by New York’s new cybersecurity legislation will be able to meet next February’s deadline for compliance. Moreover, just 13 percent of the institutions surveyed reported that they would be able to say, “with certainty” that they would be in full compliance by next year.

"The study surveyed 564 respondents who worked in IT, cybersecurity and other areas within compliance. An overwhelming majority – 71 percent – said that it will be difficult to comply with the regulations as written."

AFSA has commented three times on the proposed regulations, once with other trades and twice independently, noting that it supports the state’s goal of increase security, but has concerns with the clarity of the proposed regulations and the rapidity with which they must be implemented.

New York’s Department of Financial Services (NYDFS) proposed the new regulations, which affect more than 3,000 banks and insurers from large, multi-national conglomerates to small, single-location financial institutions. The NYDFS regulations require compliance with a detailed set of security requirements.