State Financial Data Security Rule Proposal Revision. 6 Key Pieces of Intel.

The state upping the ante on data security rules for the finance industry: New York

The new New York rules announced December 28th will:

• Effective Date will be March 1, 2017 instead of January 1st
• Require annual reporting to the state about data security compliance
• Requires financial institutions to maintain comprehensive audit trails
• Mandatory reporting of any cybersecurity event within 72 hours
• Financial institutions must appoint a Chief Information Security Officer (CISO)
• Required multifactor authentication for staff accessing internal networks or information systems externally

Business Insider | New York delays new cybersecurity rules for financial firms​