In response to frequent interested-party requests for guidance, including from NAIFA-NYS, regarding how to comply with the new cyber-security regulation, the DFS recently released answers to two critical concerns:  (1) whether certain covered entities can file notices of exemption for their employees and captive agents and (2) when covered entities should report cyber attacks.  Read the new DFS guidance HERE.