Judith Germano
Mid-November marked the end of the comment period for New York’s “first in nation” proposed cybersecurity legislation for financial institutions. As the hot topic of the day, many regulators and government officials have felt compelled to take a stand on cybersecurity. It seems counterintuitive to set out to protect constituents by inaction. But the wrong type of action, including through inflexible and far-reaching state required mandates, only adds to the growing clamor of distractions about how companies should best secure their systems.