New York issues final regulation for financial services sector updating cyber requirements for governance, notifications

The New York Department of Financial Services has finalized an update to its cybersecurity regulations that will require organizations to conduct more regular risk assessments and adjustments on incident notification efforts.

The updated regulations are designed to “enhance cyber governance, mitigate risks, and protect New York businesses and consumers from cyber threats,” according to a Wednesday release from NYDFS.

The release says, “The amended regulations build on the sweeping impact of the original cybersecurity regulations, which established the innovative...