Alumni Spotlight
Cummings '17 Uses Law School Basics in Cybersecurity, Regulatory Practice
Steven Cummings '17
Steven Cummings ’17 went back to the basics for even the most complex legal issues in his day-to-day work with the New York State Department of Financial Services (NYDFS) as BitLicense Applications Team Lead and Assistant Cybersecurity Counsel.
While at NYDFS, he recently authored guidance for financial services companies to help protect themselves from ransomware attacks. In writing the guidance, he tapped into things he learned in Intro to Lawyering as a 1L. Taking complex legal jargon, analyzing it, and making it understandable for the target audience is a skill many lawyers need, Cummings said.
“For lawyers who want to enter these newer fields, you have to be able to break things down so that everyone across different business units can understand. You have to be able to talk to executive, compliance, marketing, really everyone,” he said. “I remember Professor Ray Brescia had this idea of a lawyer as a teacher, which is absolutely true. But I would take it a step further and say that a lawyer also has to serve as a translator.”
After law school, he started in NYDFS’s Virtual Currency Unit through New York’s Excelsior Fellowship program, which places law students with state executive agencies for a two-year term. NYDFS’s Virtual Currency Unit regulates companies that engage in certain business activities involving virtual currency (e.g., Bitcoin). He was promoted out of the program, moved up to be the team lead, and along the way has learned all about the risk-driven nature of regulatory law.
Interested in Cybersecurity and Data Privacy?
The Cybersecurity and Data Privacy Programs are designed to provide cybersecurity professionals with the skills and knowledge to navigate a rapidly changing legal, regulatory, and policy landscape. We offer a rigorous curriculum taught by faculty who are thought leaders in the fields of information security, data privacy, cybercrime, intellectual property law, and more!
“As a regulator, you are primarily concerned with risk. It's all about the business plan, what are the risks posed by the entity’s business plan, and how do you deal with those? While a crypto entity’s business plan can pose several concerns, two risk categories in particular were always on my mind: money-laundering and cybersecurity,” he said. “There are other sources of risk, but those are the two that stand out, the ones that really have those huge implications.”
While cryptocurrency and ransomware surge in and out of the headlines, the guiding themes within virtual currency, cybersecurity, and data privacy can stand the test of time. “You're taking new facts, new technology, and connecting that to old law, as well as new laws that are coming out,” he said. “Unlike in law school, legal issues don’t exist in vacuums. Cybersecurity connects to virtual currency. Mergers and acquisitions connect to virtual currency. Property law connects to virtual currency. Anti-money laundering connects to virtual currency. Everything is connected.”
Though learning the foundation is always in fashion, being a step ahead on the emerging fields can only benefit law students, he noted. Cummings also became involved with bar associations early on and would encourage students to do the same, anything from finding a formal mentor to attending events and learning from industry experts.
“With networking, you don't drop the acorn, plant a tree, and in a month expect something to be there. It's going to take years for there to actually be something that you can then go back to. It's really relationship building. It takes time, it takes trust.”
He was a regulator with NYDFS from 2017 to 2021. In September 2021, he left NYDFS to join Schulte Roth & Zabel LLP as an associate in its Bank Regulatory Practice.
All of Albany Law School's Online Graduate Programs
Our graduate programs include master’s degree, advanced certificate, and LL.M. degree tracks. Study around your schedule by enrolling in one of our 100% online programs.
- Cybersecurity and Data Privacy
- Financial Compliance and Risk Management
- Health Law and Healthcare Compliance
- Human Resources: Law, Leadership, and Policy
- Government Affairs and Advocacy