New York issues cyber regulations for banks, insurers
- S&P 500, Nasdaq set records as tech, banks lead
- Texas Instruments (TXN) Tops Q4 EPS by 20c, Issues Solid Q1 Outlook
- Intuitive Surgical (ISRG) Tops Q4 EPS by 10c; $2B Accelerated Share Repurchase
- Seagate Technology (STX) Tops Q2 EPS by 30c
- After-Hours Stock Movers 01/24: (BOBE) (STX) (WDC) Higher; (NEWT) (MRCY) (CA) Lower (more...)
New York state Governor Andrew Cuomo speaks on the final night of the Democratic National Convention in Philadelphia, Pennsylvania, U.S. July 28, 2016. REUTERS/Mike Segar
Get daily under-the-radar research with StreetInsider.com's Stealth Growth Insider Get your 2-Wk Free Trial here.
By Suzanne Barlyn
(Reuters) - New York Governor Andrew Cuomo on Tuesday issued long-anticipated proposed cyber security regulations for banks and insurers in the state, the first of their kind in the United States by any state or federal agency, the governor said in a statement.
Cuomo's planned regulations for institutions overseen by the New York State Department of Financial Services (NYDFS) would require companies to set up cyber security programs and appoint a chief information officer, among other measures, according to the governor's office.
The planned regulations, in the works since 2014, follow a series of high-profile hackings of U.S. companies and three surveys by the regulator about cyber security programs at a total of nearly 200 companies under its watch. One NYDFS report last year revealed that a third of 40 banks in a 2014 survey did not require outside vendors to notify them of data breaches, which could compromise bank data.
The regulations aim to provide institutions with flexibility to adapt to technological innovations while reducing vulnerabilities, NYDFS Superintendent Maria Vullo said in a statement.
NYDFS regulates state-chartered and foreign banks licensed to operate in the state, including Goldman Sachs Group, Barclays and Deutsche Bank, and all insurance companies that do business in the state.
It previewed the plan in a November, 2015 letter to other state and federal regulators. That same day, U.S. prosecutors unveiled criminal charges accusing three men of helping run a sprawling series of hacking and fraud schemes, including a huge 2014 attack against JPMorgan Chase & Co , that generated hundreds of millions of dollars of illegal profit.
Among the planned requirements: board chairmen would have to file annual certifications with NYDFS, stating, to the best of their knowledge, that their companies' cyber programs comply with the regulation.
Other measures would include appointing overseers for outside vendors and limiting access of customers' non-public information, such as social security numbers, to employees who need those details, according to the proposal. Systems would have to include multiple steps for verifying user identities.
Institutions would also have to regularly test their cyber security systems. The chief information security officer would have to present twice-yearly reports about progress and vulnerabilities to the board of directors and make those findings available to NYDFS.
Before the plan becomes final, the public will have 45 days to submit comments, once the proposed regulations are published in the New York State Register.
(Reporting by Suzanne Barlyn; Editing by Chizu Nomiyama, G Crosse and David Gregorio)
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- Barclays Downgrades Apple (AAPL) to Equalweight, Concerned India/China Will not Emerge As Growth Catalysts
- Protesters vow to battle Trump's 'poor decision' to revive pipeline
- Equatorial Guinea confirms hosting ousted Gambian leader Jammeh
Create E-mail Alert Related CategoriesReuters
Related EntitiesDeutsche Bank, JPMorgan, Goldman Sachs, Barclays
Sign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!