(Bloomberg) – New York state is proposing new rules requiring banks and insurance companies to establish cybersecurity programs and designate an internal cybersecurity officer, in what Gov. Andrew Cuomo described as a "first-in-the-nation" move to codify cyber safety policies.
The new regulations, proposed by New York's Department of Financial Services, will apply only to banks and other financial services companies licensed by the Empire State and not to nationally chartered institutions. But as the first regulator to issue guidelines involving cybersecurity, the DFS could set an example for other regulators at the state and federal level. The proposed regulation is subject to a 45-day notice and public comment period before final adoption.
The proposed rules come after some of the world's biggest banks — including JPMorgan Chase & Co. and HSBC Group — have reported significant cyber intrusions and U.S. corporations in general have been frequent targets of hacking.
|Minimum standard
Large banks and insurance companies have built their own cybersecurity programs in recent years, often at expenses of hundreds of millions of dollars. The biggest impact of the new regulations is likely to be on small banks and insurers, which may now need to bring their cyber programs up to at least a minimum standard.
Recommended For You
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
