Kate Hanniford of Alston & Bird writes:
Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of active exploitation of DFS-regulated companies as a result of the Attack, the networks of approximately 100 DFS-regulated companies were compromised as a result of the Attack.
Read more on Privacy, Cyber & Data Strategy Blog.