Two years after releasing its first-of-its-kind cybersecurity regulation for the financial services industry, the New York State Department of Financial Services created a Cybersecurity Division. The Division’s Executive Deputy Superintendent, Justin Shibayama Herring, recently spoke to Davis Polk partner Robert A. Cohen, former chief of the SEC’s Cyber Unit, about the Division’s examination and enforcement focus, including lessons from recent cases, navigating the panoply of cyber regulations and incident reporting challenges, and best practices when adopting affiliates’ cybersecurity programs. We distill insights from the conversation. See “Present and Former SEC Attorneys and Defense Counsel Discuss Cyber Disclosure and Cyber Enforcement” (Nov. 20, 2019).