On Friday, August 5, 2022, Eric Dinallo, Luke Dembosky, Avi Gesser, Erez Liebermann, and Charu Chandrasekhar participated in a webcast on the proposed draft amendments to the NYDFS cyber rules. The webinar examined the draft amendments and the implications they may have for insurance companies and other NYDFS-regulated entities. The discussion covered:
- New governance, technology, and notification-related obligations proposed under the Draft Amendments, including more onerous obligations for large covered entities such as annual independent cybersecurity audits and weekly vulnerability assessments, mandatory 24-hour notification for cyber ransom payments, increased expectations for board expertise, and additional restrictions on privileged accounts;
- Opportunities for participation during the comment period and likely pushback from covered entities; and
- Practical steps covered entities can take to mitigate regulatory and reputational risks.
To listen to an on-demand recording, click here.
To listen to other Data Strategy and Security webcasts, click here.
To read our recent Data Blog post on the NYDFS Proposed Rules, click here.
To sign up for the Data Blog, please click here.