On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published updated proposed amendments to its cybersecurity regulation (the “2023 Proposal”) applicable to “covered entities.” These updated amendments come after comments from industry groups and other stakeholders to the NYDFS’s proposed revisions that were published on November 9, 2022. In Mayer Brown’s Legal Update, we provide a section-by-section analysis of new requirements in the 2023 Proposal, which is extensive and would significantly expand requirements for covered entities.
