On Friday, August 5, 2022 from 10:30 – 11:20 am EDT, Eric Dinallo, Luke Dembosky, Avi Gesser, Erez Liebermann, and Charu Chandrasekhar will be participating in the latest installment of Debevoise’s series of Friday webinars. The webinar will examine the draft amendments to the Part 500 Cybersecurity Rules (“Draft Amendments”) proposed by the New York Department of Financial Services (“NYDFS”) and the implications they may have for insurance companies and other NYDFS-regulated entities. The discussion will cover:

  • New governance, technology, and notification-related obligations proposed under the Draft Amendments, including more onerous obligations for large covered entities such as annual independent cybersecurity audits and weekly vulnerability assessments, mandatory 24-hour notification for cyber ransom payments, increased expectations for board expertise, and additional restrictions on privileged accounts;
  • Opportunities for participation during the comment period and likely pushback from covered entities; and
  • Practical steps covered entities can take to mitigate regulatory and reputational risks.

To RSVP for the live webinar, click here.  To receive the on-demand recording, click here

To read our recent Data Blog post on the NYDFS Proposed Rules, click here.

To sign up for the Data Blog, please click here.

Author

Eric R. Dinallo is Chair of the Debevoise insurance regulatory practice and a member of its Financial Institutions and White Collar & Regulatory Defense Groups in New York. He can be reached at edinallo@debevoise.com.

Author

Luke Dembosky is a Debevoise litigation partner based in the firm’s Washington, D.C. office. He is Co-Chair of the firm’s Data Strategy & Security practice and a member of the White Collar & Regulatory Defense Group. His practice focuses on cybersecurity incident preparation and response, internal investigations, civil litigation and regulatory defense, as well as national security issues. He can be reached at ldembosky@debevoise.com.

Author

Avi Gesser is Co-Chair of the Debevoise Data Strategy & Security Group. His practice focuses on advising major companies on a wide range of cybersecurity, privacy and artificial intelligence matters. He can be reached at agesser@debevoise.com.

Author

Erez is a litigation partner and a member of the Debevoise Data Strategy & Security Group. His practice focuses on advising major businesses on a wide range of complex, high-impact cyber-incident response matters and on data-related regulatory requirements. Erez can be reached at eliebermann@debevoise.com

Author

Charu A. Chandrasekhar is a litigation counsel based in the New York office and a member of the firm’s White Collar & Regulatory Defense Group. Her practice focuses on securities enforcement and government investigations, internal investigations and complex commercial litigation.