If your company is one of the broad group of businesses licensed by the New York Department of Financial Services (NY DFS), a very important deadline is bearing down on February 15. Regulated entities have under Thursday to attest to their compliance with the first-in-the-U.S. cybersecurity regulations (details and links are in blog post below). The regulations require that “the Chairperson of the Board of Directors or Senior Officer(s)” must certify (in writing) that the organization is compliant with all the cybersecurity regulations, including systems controls and testing, incident response plans, high-level approvals of written policies, appointement of a Chief Information Security Officer, and cybersecurity reviews.
NY DFS Superintendent Maria Vullo recently issued a reminder of the February 15 deadline, and announced that a cybersecurity review will be included in the DFS’ regular safety and soundness bank examinations.