"Companies are bracing for a new era of enforcement as New York, the most active state regulator on cyber, rolls out its last set of security requirements Nov. 1.

The final amendments to the New York State Department of Financial Services’ Cybersecurity Regulation require companies to implement authentication controls and maintain a complete inventory of their systems. The deadline marks the end of a two-year phase-in schedule of updates to the state’s 2017 cybersecurity rules, which established cyber requirements for financial, banking, and insurance entities operating in New York.

Since November 2023, mandates on reporting ransomware payments, reviewing risk assessments, ..."

 

Read more here..

This article was originally published in Bloomberg Law.