EKLJ partner Matt Levine was published on “Compliance & Enforcement,” the blog of NYU Law School’s Program for Corporate Compliance and Enforcement.
Levine’s post, “Reading the Fine Print: The NYDFS Assessment of Comments on its Proposed Cybersecurity Amendments,” discusses the New York State Department of Financial Services’ (“DFS”) long-awaited proposed revision to “Part 500,” the agency’s groundbreaking cybersecurity regulation.
“At 92 pages, the Assessment is worthy of digesting on its own,” Levine writes. “One reason is that it offers the DFS perspective on numerous comments received by the agency, observations that may be useful to cybersecurity professionals carrying out day-to-day compliance with the regulation.
“Another notable reason is that the Assessment contains broader statements of DFS supervisory policy and practice. These pronouncements offer key insights into how DFS views its jurisdiction, governance matters, budgetary authority for compliance programs, and Part 500 overall, making them worthy of review by Boards of Directors and senior management of DFS-regulated entities.”