Multi-factor authentication is a method of authenticating users on an information system and requires them to go through multiple steps to access that information system. Commonly, this is accomplished through a combination of a username and password, followed by a...
The New York State Department of Financial Services released the official proposed second amendment to the cybersecurity regulation (23 NYCRR 500). This follows an unofficial draft of the amendments that circulated in August. The amendment would make multi-factor...
Originally published in 2017, 23 NYCRR 500 was a first-in-the-nation attempt at creating standards for the financial services industry in protecting nonpublic information. These amendments would be the first major changes to the regulation since its adoption. The...
The opening line of William Shakespeare’s Richard III is an oft-quoted line—often used to express sadness. You know, how you feel when another agency agreement comes across your desk. I know that agency agreements are no one’s favorite thing. You would much rather...
The New York Department of Financial Services celebrated the five-year anniversary of 23 NYCRR 500—commonly referred to as the DFS Cyber Security Regulation—with amendments to that regulation. The DFS has released a pre-proposal for comment. Here is what is in this...
During the first few months of the pandemic, the phrase the new normal was everywhere and it was meant to describe what things would be like going forward. It was meant to describe what we have always done, but would be done differently than it had in the past. For...
Amid the escalating situations in Ukraine, federal and state governments are alerting U.S. individuals and businesses of more cyberthreats that stem from Russia’s invasion of Ukraine that could impact cybersecurity in the near future. CISA cyber security...
New York’s Cybersecurity Regulation (23 NYCRR 500) requires all insurance entities that hold a New York state insurance license—referred to as covered entities in the regulation—to file a certification of compliance with the New York Department of Financial Services...
The more an insurance producer understands about cyber-related dangers that face clients, the better able that insurance producer is to help. From ransomware attacks, to breaches that trigger notification requirements under state security-breach laws, to...
Multi-factor authentication is a method of authenticating users on an information system and requires them to go through multiple steps to access that information system. Commonly, this is accomplished through a combination of a username and password, followed by a...