The New York Department of Financial Services has just proposed significant new cybersecurity rules for banks and financial services companies doing business in New York. These regulations come in the wake of repeated cybersecurity breaches at many banks and other financial services companies.  While the regulations set minimal standards all institutions must follow, the regulations were written in a manner to encourage companies to go further and not limit security innovation.  Among the provisions of the regulations are the establishment of the position of chief information security officer at each company as well as increased use of encryption and dual factor authentication.  In addition, the proposed regulations also carry potential criminal liability for officials of companies not meeting the new standards.  The proposed regulations are open to public comment for 45 days and are slated to go into effect on January 1, 2017.

TIPS

Here is a link to the proposed regulations.  http://www.dfs.ny.gov/legal/regulations/proposed/rp500t.pdf

While these regulations are a good start toward more secure banking, it is still important for all of us to take responsibility for our own secure banking.  First and foremost you should monitor your bank accounts often for indications of any irregularities.  You should be particularly careful when banking with your smartphone or on your computer.  Use a strong password, strong security question and multi factor authentication whenever possible.  Here is a link to a column which I wrote for USA Today with more tips on how to protect yourself when banking online or on your phone.  http://www.usatoday.com/story/money/columnist/2016/02/27/e-banking-tip-moms-maiden-name-say-grapefruit/80756330/