Will NY’s New Cybersecurity Rules Affect You?

intelligentID | March 31, 2017


New York’s new cybersecurity regulations affect every member, including high-ranking senior officers.

This month, The New York State Department of Financial Services’ (NYDFS) cybersecurity regulations went into effect. These new rules pose significant compliance challenges for those organizations that are subject to the regulation all of which aim to elevate the importance of cybersecurity within their businesses, both for activities within and outside of New York.

A major emphasis in the new regulations is the NYDFS’s intent to make cybersecurity a priority within an organization’s senior management, recognizing that those senior members are involved with their company’s cybersecurity protocols. This is a direct example of Intelligent ID’s own emphasis on both compliance reporting and the importance of properly monitoring high privileged account team members.

Under New York’s new regulations, every organization is also required to appoint a Chief Information Security Officer (CISO) who must report directly to a set board of directors regarding its cybersecurity program and any material cybersecurity risks. A byproduct of the new rules will also be stronger measures of data loss prevention — not only one of Intelligent ID’s own specialties, but a core emphasis within its innovative data security software suite.

In sum, expect the new regulations to lead to:

  • Increased scrutiny into senior management’s involvement with your organization’s cybersecurity program
  • Elevation of the CISO to a more senior and central role in your organization; and
  • Increased scrutiny from other regulating authorities into whether your organization’s cybersecurity plan and risk management assessments consider risks to the consumer.

The NYDFS’s new regulations will almost certainly guarantee major changes for those organizations subject for the newly mandated certification. Institutions subject to the regulation include state-chartered banks, as well as foreign banks licensed to operate in the state, along with any insurer that does business in New York. A task force of U.S. state insurance regulators is also developing a model cyber security law, which individual state legislatures could ultimately choose to adopt.

Intelligent ID is endpoint-based user monitoring and analytics software that secures organizations’ business assets by continuously monitoring and alerting management to suspect events taking place anywhere an endpoint may travel. This includes data loss or theft activity, compliance infractions, workplace liability issues, inefficient use of time and resources, infrastructure concerns, insecure file access, and more. For further information, visit them at or contact us at

Additional Resources