Friday, 4 December 2015

The New York Department of Financial Services proposes cybersecurity regulations

The New York Department of Financial Services (“DFS”) had announced in March of 2015 that as part of its plan to address a possible Cyber 9/11, it would revamp examinations of banks and insurance companies to incorporate new, targeted assessments of cybersecurity preparedness, and would consider steps to address the cybersecurity of third-party vendors.

On November 9, 2015, the DFS issued a letter to federal regulators and other interested parties proposing cyber security regulations to that effect. The proposal addressed, among other things, cybersecurity of third party vendors, technical requirements such as multi-factor authentication and notification requirements in the event of a cybersecurity incident.

In its letter, the DFS expressed its desire to coordinate efforts with federal and state agencies in creating a cyber security framework.  The DFS approach varies from the risk based approach taken earlier this by the FFIEC with its cybersecurity assessment tool (see our related post here). and the SEC with its cybersecurity guidance (see our related post here) for funds and advisers. For the full article click here 



from cyber security caucus http://ift.tt/1O7bBTR
via IFTTT

No comments:

Post a Comment