The New York Department of Financial Services (“DFS”) recently issued proposed cybersecurity requirements for financial services companies. The proposed regulation would be codified at 23 NYCRR 500, and would be effective March 1, 2017. This action, which places New York squarely in the vanguard of US regulators, will have wide-ranging effects given the number of banks, insurance companies, and financial services companies that are licensed in New York. It will also affect companies that do business with those regulated companies, referred to in the proposed regulation as “Third Party Service Providers,” whether or not the business affiliates are otherwise required… Read more