The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform this week, with a whopping $30 million fine assessed against Robinhood Crypto, LLC (RHC) for what it described as “significant failures in the areas of bank secrecy act/anti-money laundering obligations and cybersecurity that resulted in violations of the

This week, the New York State Department of Financial Services (NYDFS) issued the Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response. The Report begins with the statement that “The next great financial crisis could come from a cyber-attack,” And goes on to describe how the SolarWinds attack affected financial institutions and NYDFS’s response

The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, regarding four separate cybersecurity events suffered by it and its affiliate National Asset Management, Inc. (NAM) between April 3, 2018 and April 30, 2020.

The Consent Order reports that

In what the New York Department of Financial Services (NYDFS) is touting as the first guidance by a U.S. regulator on cyber insurance, NYDFS announced on February 4, 2021, in Insurance Circular Letter No. 2 (2021), that it has issued a new Cyber Insurance Risk Framework (Framework) addressed to authorized property/casualty insurers that write cyber

You probably heard about the recent hack of Twitter accounts that took place on July 15, 2020. The hackers took over several prominent Twitter accounts, which resulted in a scam that netted over $118,000 in bitcoin for the hackers. One of the most startling things about the cyberattack was that it was led by a

Following in the footsteps of the New York Department of Financial Regulation (NYDFS) in enacting cybersecurity requirements for the financial services industry, and in response to massive data breaches in the insurance industry, a wave of states have either enacted or are pursuing legislation aimed at regulating the cybersecurity measures of insurance companies.

In 2017,

On March 1, 2018, the New York Department of Financial Services (NYDFS) “cybersecurity regulations” (23 NYCRR Part 500) took effect, placing a number of cybersecurity requirements on banks, insurance companies, and other financial services institutions and licensees regulated by the NYDFS (“Covered Entities”).

To aid in compliance with the regulation, the NYDFS recently added new