In late December, New York State’s Department of Financial Services (“DFS”) released its revised proposed cybersecurity regulation (the “DFS Rule”). While the revisions pare back some of the DFS Rule’s original requirements and add some much needed flexibility, the regulation will still impose many new obligations upon a wide array of financial institutions doing business in New York. The DFS Rule will become effective on March 1, 2017.
Continue Reading New York State Department of Financial Services Cybersecurity Regulation Poised to Reshape Existing Regulatory Landscape
Jeff Kern
Jeff Kern is a partner in the Governmental Practice and serves as a Managing Partner of Sheppard Mullin’s New York office. Jeff also heads the firm’s Securities Enforcement & Litigation Team and is a charter member of the Blockchain & Digital Assets Team.
New York State Department of Financial Services Proposes Cybersecurity Regulations for Financial Services Companies
If the New York State Department of Financial Services (“DFS”) has its way, come January 1, 2017, financial services companies that require a form of authorization to operate under the banking, insurance, or financial services laws (“Covered Entities”) will be required to comply with a new set of comprehensive cybersecurity regulations aimed at safeguarding information systems and nonpublic information.
Continue Reading New York State Department of Financial Services Proposes Cybersecurity Regulations for Financial Services Companies
SEC Steps Up Cybersecurity Enforcement with $1 Million Fine Against Morgan Stanley
The Securities and Exchange Commission’s (“SEC”) recent $1 million settlement with Morgan Stanley Smith Barney LLC (“MSSB”) marked a turning point in the agency’s focus on cybersecurity issues, an area that the agency has proclaimed a top enforcement priority in recent years. The MSSB settlement addressed various cybersecurity deficiencies that led to the misappropriation of sensitive data for approximately 730,000 customer accounts.
Continue Reading SEC Steps Up Cybersecurity Enforcement with $1 Million Fine Against Morgan Stanley