NY DFS

New York's cybersecurity regulation for financial services requires covered entities to maintain comprehensive security programs including CISO designation, MFA, encryption, and incident reporting. The 2023 amendments are fully effective as of November 2025.