Compare with different regulatory event:
On 14 August 2023, the New York State Department of Financial Services (NYDFS) closed the consultation on the revised proposed Second Amendments to the cybersecurity obligations of financial services companies (23 NYCRR 500). The Second Amendment include an update regarding the clarification on covered entities, clarifying the criteria for "Class A Companies," expanding the definition of "privileged account," specifying governance responsibilities, removing the requirement for external experts in risk assessments, adding requirements for incident response and business continuity plans, and expanding multifactor authentication requirements. Furthermore, NYDFS has made changes to notifications and certifications, including narrowing the scope of the annual compliance certification and extending transition periods for new requirements.
Original source