Navigating New York's New Cybersecurity Regulations and Federal Guidance for Banks and Other Financial Institutions
Complying With New York DFS Regulations, Avoiding Federal Enforcement Actions for Data Breaches
Recording of a 90-minute premium CLE webinar with Q&A
This CLE course will review the new cybersecurity regulations issued by the New York Department of Financial Services, including which institutions are regulated and the staffing, reporting and third-party monitoring requirements imposed under the state regulations. The panel will also discuss recently proposed federal regulations affecting financial institutions, recent enforcement actions related to data breaches, and the cybersecurity standards implied by such actions.
- New York cybersecurity regulations (23 NYCRR Part 500: the “NY regs”)
- Banks and other financial institutions subject to the NY regs
- Data protection measures—staffing and procedures
- Reporting requirements
- Ramifications outside of New York—new standard for claims
- Federal agency enforcement actions—increased frequency and penalties
- Status of cybersecurity regulations jointly proposed by Federal Reserve, OCC and FDIC
The panel will review these and other key issues:
- The significance of the New York regulation (23 NYCRR Part 500)—New York as a global financial center
- Which institutions are covered by the New York regulation?
- What is the status of the proposed federal regulations?
- Lessons from the most recent cases and federal enforcement actions related to data breaches
Mark L. Krotoski
Morgan Lewis & Bockius
Mr. Krotoski represents and advises clients on antitrust cartel investigations; cybersecurity and privacy matters;... | Read More
Mr. Krotoski represents and advises clients on antitrust cartel investigations; cybersecurity and privacy matters; trade secret, economic espionage, fraud, and foreign corrupt practices cases; and government investigations. With nearly 20 years of experience as a federal prosecutor and a leader in the US Department of Justice, he has a unique blend of litigation and investigative experience. Previously, as chief and deputy chief of the Criminal Division in the US Attorney’s Office for the Northern District of California, he supervised cases involving white collar crime, securities fraud, computer intrusion, intellectual property, organized crime, and antiterrorism. He frequently speaks on topics involving criminal antitrust enforcement, cybersecurity, cybercrime, and trade secret issues.Close
Joseph D. Simon
Cullen and Dykman
Mr. Simon handles regulatory, compliance, corporate and transactional matters for financial institutions, and real... | Read More
Mr. Simon handles regulatory, compliance, corporate and transactional matters for financial institutions, and real estate matters for all types of clients. He advises financial institutions on a wide range of issues, including truth-in-lending, RESPA, truth-in-savings, financial privacy, transactions with affiliates, lending limits, electronic banking, banking operations, and currency transaction and IRS reporting obligations. He represents financial institutions on various types of regulatory applications, including bank holding company filings, branch applications, mortgage banking license applications, change in control applications, and service corporation and operating subsidiary notices. He also advises financial institutions on the myriad of changes made to the New York law governing powers of attorney.Close