Sep 19 2016

Cyber Regulation is Here – First-in-the-Nation Cybersecurity Regulation to Protect Consumers and Financial Institutions

This weekend, Governor Andrew M. Cuomo announced that a new first-in-the-nation regulation has been proposed to protect New York State from the ever-growing threat of cyber attacks. “This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber attacks to the fullest extent possible” said Cuomo.

The Regulation requires regulated financial institutions, including investment advisers and those in the financial industry to establish a cybersecurity program that includes: adopting a written cybersecurity policy and designating a Chief Information Security Officer (CISO) (or an appropriate 3rd Party CISO, such as Layer 8 Security) responsible for implementing, overseeing, and enforcing its new program and policy.

The designated CISO will implement the policies and procedures designed to ensure the security of information systems and nonpublic information accessible to, or held by, third-parties, along with a variety of other requirements to protect the confidentiality, integrity, and availability of information systems. These offerings are at the heart of Layer 8 Security’s mission.

This Regulation is the logical next step following up on the groundwork laid by the SEC and its Office of Compliance Inspections and Examinations (“OCIE”), which protects investors through administering the SEC’s nationwide examination and inspection program. This is an example of the forward thinking that will transform our national cyber awareness and cyber resiliency. As I have been preaching, the question is not “IF” cyber regulation becomes the law of the land, the question is “WHEN.”

To read the requirements, please go to

To discuss in greater detail, please contact me at