Will NY Cyber-Regs Put Some Companies Out Of Business?

New cybersecurity standards for the financial industry in New York state will be hardest on mid-sized companies, says an article in Insurance Journal, and one industry executive goes so far as to suggest they could drive some companies out of business. It’s a dynamic that some no doubt will see as paradigmatic, at it echoes more general criticism of financial regulation that is being voiced by conservatives, including Steven Mnuchin, the new Treasury secretary. With regard to the New York state regulations, according to a senior VP at Marsh’s Financial and Professional Products, mid-sized companies are unlikely to have the resources or budget to meet the new requirements, nor will they qualify for exemptions reserved for smaller institutions. Consequently they may need to pass costs on to their customers or, in some cases, exit the market. According to a financial trade group (based on information gleaned from its members), for those companies currently without a designated chief security officer or current working program and who essentially need to start from scratch, compliance with the new regs will cost between $65,000 and $85,000 per year.