This course is no longer available for credit on our site. Here are some similar courses you might be interested in:

On Demand Audio

The New DFS Cybersecurity Regulation: What Every Attorney Should Know

(711 reviews)

Produced on April 28, 2017

Taught by
$ 89 Business, Corporate, & Securities and Privacy & Cybersecurity In Stock

Course Information

Time 60 minutes
Difficulty Intermediate

Course Description

Business technology has been exploding in recent years, and so has the cyber risk that comes with it. As these changes accelerate, the law has struggled to keep up.

On March 1, 2017, the first-of-its-kind mandatory state cybersecurity regulation took effect via the New York State Department of Financial Services (DFS). The Cybersecurity Requirements for Financial Services Companies (23 NYCRR § 500) creates mandatory risk management and security regulations for companies in banking, insurance and financial services and brings with it a series of security-related requirements (including reporting requirements beyond data breaches).

At first glance, the regulation may appear limited to the banks, insurance and financial services companies regulated by DFS, but its third party provisions tell a different story. 

What effect will the cybersecurity regulation have beyond the companies regulated by DFS? How does it alter the cyber law landscape? And for attorneys outside of New York, how might the regulation serve as a bellwether for changes nationwide?

Learning Objectives:

  1. Identify who is covered by the cybersecurity regulation

  2. Recognize who else can be affected

  3. Comprehend the regulation’s core requirements (and benefits)

  4. Appreciate potential downstream effects

  5. Understand counsel’s role in compliance

  6. Anticipate potential changes on the national scene augured by the DFS Regulation


Scott Aurnou

The Security Advocate

Scott Aurnou, Esq., CISSP is an attorney and founder of The Security Advocate, which helps organizations with information security and data privacy issues. This includes privacy and security awareness training, security consulting, compliance with cyber security and privacy laws and related legal concerns.

Scott spent over a decade as a litigation attorney in the NYC area, and served as lead counsel for a private client services group at Smith Barney. He uses his legal, security, and business background to make complex information security concepts easy to understand (and even entertaining on occasion) for non-technical audiences. He has published security related articles in national publications ranging from the New York Law Journal to SC Magazine. In addition, he has created and delivered numerous presentations on information security and data privacy issues for executives, managers, and professionals.

Scott is a Certified Information Systems Security Professional (CISSP), Certified Information Privacy Technologist (CIPT), Certified Information Privacy Professional (CIPP/US) and a Fellow of Information Privacy (FIP). He is admitted to practice law in New York, Colorado, the U.S. District Courts for the Eastern and Southern Districts of New York; as well as the U.S. Court of Appeals for the Second Circuit. He is also the author of the Introduction to Information Security LiveLessons video training series for Pearson Publishing. 


Sam H.

Excellent speaker and content

Donald M.

Excellent presentation and topic

Loan N.

One of the best classed

Mabel v.

This speaker was great - very well-informed, engaging and a pleasure to watch.

Michele K.

Thank you

Sedgwick J.

I thought this was an excellent program. It provided a good overview of the NY cybersecurity law and provided relevant information.

Randi M.

I remember Scott from the programs I watched last year. He is a great presenter and source of knowledge on the cyber security topic.

joseph d.

Extremely well done course.

Bruce R.

Timely information. Very helpful

Elissa K.

The instructor did a great job covering highly technical information in a straight forward, plain English manner. Very well done.

Kristen C.

Thank you!! Very helpful program!!

Thomas C.

Well done, thank you. Very comprehensive.

Alex M.

Scott is absolutely terrific. He is one of the most knowledgeable instructors that I have run across on Lawline.

Karen K.

This presenter was spot on, time efficient, and content rich! I have read up on this new cyber reg a lot, and have attended many webinars/talks on it -- still learned many things from Scott Aurnou on this CLE program. Thank you!

Amy E.

Very thorough, interesting and informative.

Michael L.

Excellent and informative presentation

Harriet B.

Good presenter. Very clear and concise.

L. Frank C.

Excellent presenttion

Thomas G.

The presenter was excellent.

Christopher B.

This was an excellent presentation on a topic that is not very well known. The written materials were very helpful.

Andrea W.

Very good speaker. Very informative.

Ruth C.

Excellent presenter

Diana K.

Very helpful and well structured.

Joseph L.

VERY Competent Presenter, Encyclopedic. What a minefield if you don't specialize.

Robert M.

Excellent presentation regarding cyber security issues

Keith M. F.


Load More