GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View flipbook of this issue

Care to Share?

Table of Contents

Lead Story

Postcards from payments 2026

Dale S. Laszig


Industry Update

U.S. merchants inch toward EMV compliance

RDC evolves beyond checks

New York set to enact cybersecurity law

Trade Association News: Acquiring with smarts and heart


Nonprofit payments: opportunities and challenges


Same-day ACH and faster payment

Patti Murphy
ProScribes Inc.

Critical issues in payments today - Part 2

Brandes Elitch
CrossCheck Inc.


Street SmartsSM:
Are you in the payments matrix?

John Tucker
1st Capital Loans LLC

Address payment security during the sales process

Jeff Fortney
Clearent LLC

The narrowing delta between ISO and merchant portfolio valuations

Adam Hark
Preston Todd Advisors and

Not too big to fail: Processor bankruptcy

Adam Atlas
Attorney at Law

Company Profile

First Data Corp.

New Products

Interest-free online, in-store installment plans

Splitit USA Inc.

VIP treatment for large restaurants, retailers

VIP Account program
Harbortouch Payments LLC


Heat up your sales with cold calls


Letter from the editors

Readers Speak

Resource Guide


A Bigger Thing

The Green Sheet Online Edition

October 10, 2016  •  Issue 16:10:01

previous next

New York set to enact cybersecurity law

New York State Governor Andrew Cuomo, in cooperation with the state's Department of Financial Services (DFS), proposed legislation requiring New York banks, insurance companies and financial institutions to implement cybersecurity programs aimed at protecting consumers and the financial services sector. Introduced Sept. 13, 2016, the bill will be subject to a 45-day public comment period prior to being enacted into law.

Cuomo called New York the financial capitol of the world and said it leads the nation in protecting the U.S. financial system and consumers from economic harm by rogue state-sponsored organizations, global terrorist networks and other criminal enterprises. "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible," he stated.


Cuomo's interest in protecting individuals and businesses from the scourge of cybercrime dates to 2011, when he was first elected to office, according to Mahesh Nattanmai, Executive Deputy Chief Information Officer in New York's Office of Information Technology Services. Nattanmai is leading efforts to streamline and improve consumer access to government services. "We have to know what we run, what we own," he said. "We need to take standardization as our first step, then get into security and transforming the applications."

To gain insight into what will be required to consistently safeguard sensitive information, the state surveyed nearly 200 banks and insurance companies regarding their data security practices. The agency also met with cybersecurity experts to explore the evolving threat landscape and due diligence processes, policies and procedures related to working with third-party solutions providers. Three reports resulting from these meetings, along with the surveys, were used in the rulemaking process, the DFS stated.

In June 2016, leading security analysts were among 1,200 attendees at the 19th annual New York State Cyber Security Conference, held in Albany, N.Y. The event, co-hosted by the New York State Office of Information Technology Services, the NYS Forum Inc. and the State University of New York's Albany School of Business, highlighted New York's continuing commitment to improving security awareness, education and best practices. A threat simulation exercise enabled attendees to role-play incident response scenarios. Additional presentations and breakout sessions addressed a range of issues facing end users and IT professionals.


"Consumers must be confident that their sensitive nonpublic information is being protected and handled appropriately by the financial institutions that they are doing business with,' said DFS Superintendent Maria T. Vullo. "Regulated entities will be held accountable and must annually certify compliance with this regulation by assessing their specific risk profiles and designing programs that vigorously address those risks."

New York was the first state to introduce cybersecurity regulations. If enacted, a Chief Information Security Officer will be appointed to oversee and enforce policies and procedures. The regulations are designed to be flexible and promote innovation. Additional information is available at < a href='' target="blank">

October 2016 will mark the 13th anniversary of National Cyber Security Awareness Month, a public effort to raise cyber security awareness in public and private sectors. The multi-agency initiative is co-sponsored by the U.S. Department of Homeland Security, National Cyber Security Alliance, National Association of State Chief Information Officers and Multi-State Information Sharing and Analysis Center.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | USAePay | Impact Paysystems | Electronic Merchant Systems | Board Studios