To embed, copy and paste the code into your website or blog:
On April 14, 2021, the New York Department of Financial Services (“NYDFS”) announced a settlement with National Securities Corporation (“National Securities”), a licensed insurer, in connection with claims under the NYDFS Cybersecurity Regulation (23 NYCRR Part 500). The consent order requires payment of a $3M penalty and mandatory remediation in response to alleged failures to properly implement multi-factor authentication, provide notice to NYDFS of two cybersecurity events reported to other regulators in 2018 and 2019, and for falsely certifying compliance for the calendar year 2018.
The consent order demonstrates continued active enforcement of the Cybersecurity Regulation by the NYDFS. The $3M penalty is the largest published assessment to date for alleged violations of the Cybersecurity Regulation. The consent order follows a $1.5M assessment in a separate matter announced last month. It is the second order
NYDFS Settles with NSC for Violations of DFS Cybersecurity Regulations natlawreview.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from natlawreview.com Daily Mail and Mail on Sunday newspapers.
Fingerlakes1.com
Menu Search for:
Have a tip for the newsroom, press release, local event listing or digital content to share? Send it here. Support our mission by visiting patreon.com/fl1 and becoming a monthly subscriber.
Superintendent of Financial Services Linda A. Lacewell announced that National Securities Corporation will pay a $3 million penalty to New York State for violations of DFS’s Cybersecurity Regulation that caused the exposure of a substantial amount of sensitive, non-public, personal data belonging to its customers, including thousands of New York consumers.
“The Department remains committed to taking nation-leading action to ensure that all licensees abide by DFS’s Cybersecurity Regulation and safeguard the private data of all consumers,”
New York State Department Of Financial Services Superintendent Lacewell Announces Cybersecurity Settlement With Licensed Insurance Company - DFS Investigation Uncovers National Securities Corporation Failed To Implement Multi-Factor Authentication, Falling Victim To Four Cyber Breaches That Exposed Its Customersâ Private Data Date
14/04/2021
Superintendent of Financial Services Linda A. Lacewell announced today that National Securities Corporation (“National Securities”) will pay a $3 million penalty to New York State for violations of DFS’s Cybersecurity Regulation that caused the exposure of a substantial amount of sensitive, non-public, personal data belonging to its customers, including thousands of New York consumers.
“The Department remains committed to taking nation-leading action to ensure that all licensees abide by DFS’s Cybersecurity Regulation and safeguard the private data of all consumers,” said Superintendent Lacewell. As cyber�
Monday, April 12, 2021
On March 1, 2017, the New York State Department of Financial Services (“NYDFS”) Cybersecurity Requirements for Financial Services Companies (the “Cybersecurity Regulation”) became effective.
[1] Fast forward four years, where NYDFS issued its first penalty under the Cybersecurity Regulation arising from a standard examination. On March 3, 2021, NYDFS entered into a Consent Order with Residential Mortgage Services, Inc. (“RMS”) that requires RMS to pay a penalty of $1.5 million after a standard examination uncovered an unreported email compromise impacting New York consumers and a lack of periodic risk assessments by RMS. Previously, the only NYDFS cybersecurity enforcement action was against a title insurance company that experienced a large, publicly-reported data breach. The fact that NYDFS penalized RMS in connection with a standard examination demonstrates the importance of covered entities’ compliance with the Cybersecurity Regul