First Certifications Under NY DFS Cybersecurity Rules Due February 15, 2018

2 February 2018

On February 15, 2018, banks, insurance companies, and other financial services providers covered by the new Cybersecurity Rules issued last year by the New York Department of Financial Services ("DFS") will be required to submit to DFS a certification that they are in compliance with the regulation – or at least with those parts of the regulation that are in effect. The Certification of Compliance, in the format laid out in Appendix A to the Cybersecurity Rules, 23 NYCRR Part 500, requires either the Board of Directors or a Senior Officer of a covered entity, as defined in the Rules, to certify that they have "reviewed documents, reports, certifications and opinions of such officers, employees, representatives, outside vendors and other individuals or entities as necessary," and that "[t]o the best of [their] knowledge," the covered entity's Cybersecurity Program complies with the Cybersecurity Rules.

Download PDF

Clifford Chance

Briefings

First Certifications Under NY DFS Cybersecurity Rules Due February 15, 2018

2 February 2018

Celeste Koeleveld

Partner

New York

David DiBari

Partner

Washington D.C.

Megan Gordon

Office Managing Partner, Washington, DC

Washington D.C.

Daniel Silver (He/Him)

Partner

New York

Philip Angeloff

Counsel

Washington D.C.

Celeste
Koeleveld

Partner

New York

David
DiBari

Partner

Washington D.C.

Megan
Gordon

Office Managing Partner, Washington, DC

Washington D.C.

Daniel
Silver (He/Him)

Partner

New York

Philip
Angeloff

Counsel

Washington D.C.

Toolkits & Client Log-in