The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform this week, with a whopping $30 million fine assessed against Robinhood Crypto, LLC (RHC) for what it described as “significant failures in the areas of bank secrecy act/anti-money laundering obligations and cybersecurity that resulted in violations of the
NYDFS Issues Report on SolarWinds
This week, the New York State Department of Financial Services (NYDFS) issued the Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response. The Report begins with the statement that “The next great financial crisis could come from a cyber-attack,” And goes on to describe how the SolarWinds attack affected financial institutions and NYDFS’s response…
NYDFS Settles with National Securities Corp. for $3M for Violations of DFS Cybersecurity Regulations
The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, regarding four separate cybersecurity events suffered by it and its affiliate National Asset Management, Inc. (NAM) between April 3, 2018 and April 30, 2020.
The Consent Order reports that…
NYDFS Issues Cyber Insurance Risk Framework for Regulated Entities
In what the New York Department of Financial Services (NYDFS) is touting as the first guidance by a U.S. regulator on cyber insurance, NYDFS announced on February 4, 2021, in Insurance Circular Letter No. 2 (2021), that it has issued a new Cyber Insurance Risk Framework (Framework) addressed to authorized property/casualty insurers that write cyber…
New York Department of Financial Services Issues Report on Recent Twitter Hack
You probably heard about the recent hack of Twitter accounts that took place on July 15, 2020. The hackers took over several prominent Twitter accounts, which resulted in a scam that netted over $118,000 in bitcoin for the hackers. One of the most startling things about the cyberattack was that it was led by a…
Privacy Tip #221 – How Do We Personally Prepare for a Cyber-Attack on Critical Infrastructure?
Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity who are members of the military. They don’t respond to my thoughts and fears of…
Department of Homeland Security Warns of Cyber-Attacks by Iran
The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani.
The bulletin explains that Iran’s previous plots against the…
New York DFS Issues Risk Alert Concerning Possible Iran Cyber-Attacks
In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter to all regulated entities regarding the need for heightened cybersecurity precautions.
The letter notes that it “is particularly concerning that Iran has a history of launching cyber-attacks against the U.S. and…
States Legislate Cybersecurity Requirements for Insurance Companies
Following in the footsteps of the New York Department of Financial Regulation (NYDFS) in enacting cybersecurity requirements for the financial services industry, and in response to massive data breaches in the insurance industry, a wave of states have either enacted or are pursuing legislation aimed at regulating the cybersecurity measures of insurance companies.
In 2017,…
New York Department of Financial Services Updates Cybersecurity Guidance: Coverage of Cybersecurity Requirements Addressed in 4 New FAQs
On March 1, 2018, the New York Department of Financial Services (NYDFS) “cybersecurity regulations” (23 NYCRR Part 500) took effect, placing a number of cybersecurity requirements on banks, insurance companies, and other financial services institutions and licensees regulated by the NYDFS (“Covered Entities”).
To aid in compliance with the regulation, the NYDFS recently added new…