Home » Webinars » Navigating New York's New Cybersecurity Regulations and Federal Guidance for Banks and Other Financial Institutions

Navigating New York's New Cybersecurity Regulations and Federal Guidance for Banks and Other Financial Institutions

Complying With New York DFS Regulations, Avoiding Federal Enforcement Actions for Data Breaches

Recording of a 90-minute premium CLE webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.

This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Wednesday, April 12, 2017

Recorded event now available

or call 1-800-926-7926

This CLE course will review the new cybersecurity regulations issued by the New York Department of Financial Services, including which institutions are regulated and the staffing, reporting and third-party monitoring requirements imposed under the state regulations. The panel will also discuss recently proposed federal regulations affecting financial institutions, recent enforcement actions related to data breaches, and the cybersecurity standards implied by such actions.

Description

New cybersecurity regulations issued by the New York Department of Financial Services (23 NYCRR Part 500) went into effect March 1, 2017. They include mandatory staffing and reporting requirements and the obligation to monitor third-party vendors. The regulations mark the first of their kind in the cybersecurity space in the U.S. by any state or federal regulator.

It is likely that other state regulators will follow suit, as cybersecurity regulatory oversight continues to increase at the state level. With respect to a large number of banks, insurance carriers and other financial services companies, New York’s regulations will have a national effect.

On Oct. 19, 2016, the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation (collectively, the agencies) jointly issued an advance notice of proposed rulemaking and inviting public comment on cybersecurity regulations and guidance for large and interconnected entities under their supervision. The advance notice of proposed rulemaking points toward more specific federal regulation of cybersecurity.

Federal agencies and the courts have already signaled that the failure of financial institutions to implement a robust cybersecurity framework can result in significant damages and penalties in the event of a data breach. Bank counsel must be able advise banking and financial services clients on measures that should be in place now to help avoid future claims and penalties.

Listen as our authoritative panel reviews 23 NYCRR Part 500, providing advice as to the institutions impacted, and how the new staffing, reporting and monitoring obligations may vary depending on activities in which a financial services company is engaged. The panel will also discuss the regulations proposed by the federal agencies and the latest trends in enforcement actions and lawsuits arising from data breaches.

New York cybersecurity regulations (23 NYCRR Part 500: the “NY regs”)
1. Banks and other financial institutions subject to the NY regs
2. Data protection measures—staffing and procedures
3. Reporting requirements
4. Ramifications outside of New York—new standard for claims
Federal agency enforcement actions—increased frequency and penalties
Status of cybersecurity regulations jointly proposed by Federal Reserve, OCC and FDIC

Benefits

The panel will review these and other key issues:

The significance of the New York regulation (23 NYCRR Part 500)—New York as a global financial center
Which institutions are covered by the New York regulation?
What is the status of the proposed federal regulations?
Lessons from the most recent cases and federal enforcement actions related to data breaches

Faculty

Mark L. Krotoski
Partner
Morgan Lewis & Bockius

Mr. Krotoski represents and advises clients on antitrust cartel investigations; cybersecurity and privacy matters;... | Read More

Joseph D. Simon
Partner
Cullen and Dykman

Mr. Simon handles regulatory, compliance, corporate and transactional matters for financial institutions, and real... | Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

CLE On-Demand Video

or call 1-800-926-7926

Irving C. Apar
Partner
Thompson Hine

Mark N. Berman
Adjunct Professor
Northeastern University School of Law

Willa Cohen Bruckner
Partner
Alston & Bird

Lawrence Kaplan
Of Counsel
Paul Hastings

Kevin Petrasic
Partner
Davis Wright Tremaine

Laura D. Richman
Counsel
Mayer Brown

Ed Snow
Partner
Burr & Forman

Robert M. Stern
Partner
Weil, Gotshal & Manges

Andrew Stutzman
Partner
Stradley Ronon Stevens & Young

I liked the combination of the substantive material and the legal perspective.

Jane Shea
Frost Brown Todd

I liked the speaker's overall information on the industry and how compelling the presentation was. The program was very thought provoking, and covered more than what we expected.

Judy Chen
Chapman and Cutler

Strafford’s program held my attention and addressed a relevant topic in a concise clear way.

Lynn Mistretta
Marcus Clegg & Mistretta

Strafford's live courses offer you a high quality and convenient Continuing Legal Education and Continuing Professional Education option. We have been serving the legal and accounting community for over 30 years.

1,000+ webinars per year
8,200+ webinars completed
6,300+ on-demand webinars
190,000+ satisfied customers
10,500+ expert practitioners