Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
New York is poised to become the first state in the nation with comprehensive cybersecurity regulation and reporting requirements applicable to the entire financial services industry, with only very limited exemptions. 23 NYCRR 500 (the Regulation) will require banks, insurance companies, and other financial institutions regulated by the New York State Department of Financial Services (DFS) to establish and maintain a cybersecurity program designed to protect consumers and the stability of New York’s financial services industry. The Regulation was designed to promote the protection of customer information as well as the underlying information technology systems of regulated entities in light of the ever-increasing threat of cyber attacks. It requires assessment of specific risk profile and design of program addressing risks, for which senior management is responsible including annual certification of compliance.
Continue reading by getting
started with a subscription.
China Finalizes New Regulations to Relax Personal Data Exports from China
By Lindsay Zhu, Scott Warren, Haowen Xu and Charmian Aw
Nearly six months after the Cyberspace Administration of China (CAC) was first introduced for public consultation, the much-awaited final rules on Regulating and Facilitating Cross-border Data Flows were published and came into effect on March 22, 2024. The New Regulations largely repeat the Draft Regulations, but now have further relaxed personal data exports from China.
Unraveling The American Data Privacy Patchwork: Will the American Privacy Rights Act Succeed?
By Michael McLaughlin and Andria Adigwe
As the focus on protecting personal data continues to grow with the ever-widening adoption of artificial intelligence (AI) tools, exponential increases in the number and breadth of data breaches, and growing awareness of the risk posed by data brokers, the time appears right for a U.S. federal data privacy regulation to succeed in Congress. But is the new American Privacy Rights Act that regulation?
The Perfect Storm: Why Contract Hiring In Privacy Will Eclipse Direct Hiring In 2024
By Jared Coseglia
With significantly fewer fully remote positions available in 2023, active job seekers were faced with the question of whether to begin considering compromises on work-from-home flexibility or compromise in other areas like compensation, vertical mobility, quality of life, or employment modality.
Lessons for CISOs from the SolarWinds Breach and SEC Enforcement
By Daniel Garrie, David Cass and Jennifer Deutsch
In an era where digital threats loom large, the responsibilities of Chief Information Security Officers have expanded beyond traditional IT security to encompass a broader governance, risk management, and compliance role. The infamous SolarWinds Corp. attack illustrates the complex cybersecurity landscape CISOs navigate.