Dec 28 New York's financial regulator said on
Wednesday it was revising proposed cyber security rules for
banks and insurers doing business in the state to incorporate
industry feedback, delaying implementation by two months to
The rules from the New York State Department of Financial
Services are being closely watched by financial services firms
around the United States because they would be the first of
their kind imposed by any state or federal agency.
At a hearing last week before New York state lawmakers,
banking and insurance industry representatives complained that
the new rules did not distinguish between small and large
financial institutions and might conflict with future U.S.
The New York regulator has also received more than 150
comment letters from banks, insurers and others in response to
its proposed cyber security plan.
The agency said in a statement that it had carefully
considered incorporating some of the suggestions into the
proposed regulations, which will be finalized following another
30-day review by the industry and public.
"New Yorkers must be confident that the banks, insurance
companies and the other financial institutions that they rely on
are securely handling and establishing necessary protocols that
ensure the security and privacy of their sensitive personal
information," Financial Services Superintendent Maria Vullo said
in the statement.
"This updated proposal allows an appropriate period of time
for regulated entities to review the rule before it becomes
final and make certain that their systems can effectively and
efficiently meet the risks associated with cyber threats," she
Reuters last week first reported on the agency's plan to
delay the regulations.
(Reporting by Jim Finkle in Boston; Editing by Richard Chang)