DFS Rulemaking on Cybersecurity Published

Staff Contact: Johnny Evers, PhD
December 28, 2016

The Department of Financial Services (DFS) published a revised rulemaking on cybersecurity requirements for financial institutions in the December 28, 2016 State Register.

The revised text of the rulemaking is available here.

In issuing the revised rule, the Department said it had received more than 150 comments on the initial rule. DFS will be accepting comments on the revised rule until January 27, 2017.

The revised rule addresses several of the issues raised by The Business Council, but our members’ most significant concerns regarding lack of flexibility and excessively broad scope were not amended.

Major changes (listed by section) are provided below. We welcome member input on this revised rule.

In the December 28th publication DFS also outlined the Assessment of Public Comment containing the major changes between the initial draft regulations and the revised regulations. These comments are summarized as follows: Asssessment of Public Comment and State Register.