In February, companies and businesses regulated by the New York Department of Financial Services (NYDFS) had to submit proof of compliance with new cybersecurity laws in New York state. Company and business representatives signed off to certify compliance, but those representatives may be held liable if examinations administered by the NYDFS discover any compliance violations.
According to Steven Chabinsky, chair of the Global Data, Privacy and Cybersecurity practice at global law firm White & Case, the NYDFS has indicated in certain circumstances that it doesn't plan to penalize institutions that exercise honest, good faith judgment. Chabinsky cautioned, however, that companies that get it wrong—and don't get the benefit of the doubt—"can face a wide range of enforcement and disciplinary actions that could result in large fines, increased reporting requirements and even revoked licenses."
For more information please speak to your local media contact.