Comment Letter on New York Cybersecurity Proposal

Late last month, we submitted a comment letter in support of a proposed rule from the New York Department of Financial Services (DFS) that would establish minimum cybersecurity requirements for regulated entities in the state. Broadly, we applaud the department for taking a principles-based approach to this issue, and for recognizing that a range of different business models exist within the financial services industry – meaning that a greater level of flexibility is required when it comes to cybersecurity policies and procedures.

Our letter also complimented DFS for carving out a series of thoughtful exemptions for small businesses, ensuring not only that financial institutions bear compliance costs that are proportionate to the size of their operations, but that they don’t overlap with the efforts of others. We thank DFS for seeking to create an efficient and effective cybersecurity regime that does not have a disparate impact on smaller financial institutions.

Read the full comment letter here.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s