The New York Department of Financial Services (NYDFS) Cybersecurity Regulations came into full effect in March 2019, outlining requirements to make sure organizations are implementing effective cybersecurity programs and proactively addressing risk. These original requirements included having a CISO, encrypting sensitive data, and ensuring processes are in place to deal with data breaches.
However, things could soon be changing. On November 9th 2022, the NYDFS shared updates to proposed changes to the original regulations that will affect all organizations working in the New York financial sector – including new email security requirements. Here’s what you need to know.