Boards of directors need to maintain an appropriate level of cyber expertise, incidents must be reported within 72 hours after determination, and all ransom payments made must be reported within a day. Those are just some of the changes made by The New York State Department of Financial Services to its Cybersecurity Requirements for Financial Services (23 NYCRR 500) , effective November 1, 2023. This tightening of the reigns will hold businesses to higher security scrutiny and make technical and non-technical stakeholders alike more accountable. While this may seem benign, the move is more…
This article has been indexed from Blog RSS Feed