On Friday, July 7th, 2023, Eric Dinallo, Avi Gesser, Erez Liebermann, Marshal Bozzo, and Stephanie Thomas hosted a webcast that examined the Revised Proposed 2nd Amendment to the Part 500 Cybersecurity Rules released by the New York Department of Financial Services and discussed what changes were made, what still needs fixing, and the implications that the new draft may have for insurance companies and other NYDFS-regulated entities.
Important issues covered include changes to:
- The cybersecurity expertise requirements for boards;
- The definition of Class A companies and what is required of them;
- The multi-factor authentication obligations;
- The business continuity and disaster recovery requirements;
- The audit and risk assessment procedures; and
- The annual certification obligations and what constitutes a violation of Part 500.
To access an on-demand recording of this webcast, please click here.
If you missed the last briefing, please click here to access the on-demand recording.
The cover art used in this blog post was generated by DALL-E.