Skye Witley reports:
New York regulators assigned heightened cybersecurity requirements to banks, insurers, and financial services providers based in the state with the release of finalized rule amendments Wednesday.
Covered entities will have to use multifactor authentication, expand cybersecurity governance duties, and conduct consistent threat testing under the regulation updated by the New York Department of Financial Services.
The New York agency is a national leader in cybersecurity regulation, with other state and federal regulators adopting its approach—the Federal Trade Commission notably said its newest breach reporting standards were “based primarily” on rules first established in New York.
Read more at Bloomberg.