{"id":261271,"date":"2026-06-01T12:13:00","date_gmt":"2026-06-01T16:13:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/01\/nydfs-issues-dual-advisories-on-frontier-ai-cybersecurity-risks-and-heightened-threat-preparedness-orrick-herrington-sutcliffe-llp\/"},"modified":"2026-06-01T14:30:23","modified_gmt":"2026-06-01T18:30:23","slug":"nydfs-issues-dual-advisories-on-frontier-ai-cybersecurity-risks-and-heightened-threat-preparedness-orrick-herrington-sutcliffe-llp","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/01\/nydfs-issues-dual-advisories-on-frontier-ai-cybersecurity-risks-and-heightened-threat-preparedness-orrick-herrington-sutcliffe-llp\/","title":{"rendered":"NYDFS issues dual advisories on \u2018frontier AI\u2019 cybersecurity risks and heightened threat preparedness | Orrick, Herrington &#038; Sutcliffe LLP"},"content":{"rendered":"<p><a href=\"https:\/\/www.jdsupra.com\/legalnews\/nydfs-issues-dual-advisories-on-5567241\/\">NYDFS issues dual advisories on \u2018frontier AI\u2019 cybersecurity risks and heightened threat preparedness | Orrick, Herrington &#038; Sutcliffe LLP<\/a><\/p>\n<p><a href=\"https:\/\/www.jdsupra.com\/legalnews\/nydfs-issues-dual-advisories-on-5567241\/\">https:\/\/www.jdsupra.com\/legalnews\/nydfs-issues-dual-advisories-on-5567241\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-01 12:13:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.jdsupra.com\">www.jdsupra.com<\/a><\/p>\n<p>On May 21, NYDFS issued two industry letters addressing cybersecurity risks in a \u201cheightened threat environment.\u201d The first advisory warns regulated entities about heightened cybersecurity risks associated with advanced \u201cfrontier AI\u201d models, which the department said \u201camplify the potency, scale, and speed of identifying vulnerabilities and exploits in information systems.\u201d NYDFS urged regulated entities to improve their security posture in preparation for the potential broader availability of these models. The advisory recommends that regulated entities review and update risk assessments, consider replacing outdated or legacy information systems, and ensure full compliance with NYDFS\u2019 Cybersecurity Regulation: 23 NYCRR Part 500 (Part 500). The advisory builds on AI-related cybersecurity guidance the department issued in October 2024 (previously covered by InfoBytes here). NYDFS specifically recommended that regulated entities consider: (i) expedited vulnerability management; (ii) coordinating with third-party service providers to secure \u201cmaterial\u201d downstream dependencies; (iii) strengthening the security of programming practices, including human oversight for AI-generated code prior to deployment; and (iv) heightening monitoring to promptly identify and report suspicious activity.<\/p>\n<p>In conjunction, NYDFS issued separate guidance on various measures beyond the minimum controls required under Part 500 that regulated entities should consider in a heightened cybersecurity threat environment, which the department defined as existing when \u201ccybersecurity risks are significantly elevated and therefore have a high likelihood of impacting\u201d information systems, nonpublic information, or operations. The guidance identifies best practices across three areas: (i) reducing the attack surface, including promptly remediating known exploited vulnerabilities, employing phishing-resistant multifactor authentication, and confirming secure programming&#8230;<\/p>\n<p><a href=\"https:\/\/www.jdsupra.com\/legalnews\/nydfs-issues-dual-advisories-on-5567241\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>NYDFS issues dual advisories on \u2018frontier AI\u2019 cybersecurity risks and heightened threat preparedness | Orrick,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":261272,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/jdsupra-static.s3.amazonaws.com\/profile-images\/og.13091_35.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,25,57,27],"class_list":["post-261271","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-phishing","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261271"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=261271"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261271\/revisions"}],"predecessor-version":[{"id":261273,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261271\/revisions\/261273"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/261272"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=261271"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=261271"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=261271"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}