The New York Department of Financial Services issued a reminder to all covered entities that its cybersecurity regulation took effect on Aug. 28, 2017. Banks, insurance companies and other financial services institutions regulated by DFS are now required to have a cybersecurity program designed to protect consumers' private data; a written policy or policies that are approved by the board or a senior officer; a Chief Information Security Officer to help protect data and systems; and controls and plans in place to help ensure the safety and soundness of New York's financial services industry. Covered entities are also required to begin reporting cybersecurity events through the NYDFS online cybersecurity portal, among other requirements.