Webinar: New York Department of Financial Services (NYDFS) regarding vendors
“Peeling back the layers of the cyber regulation: Focus Vendors” will address the five pressing questions around this important new cyber regulation on 12/16/16 at 12 noon ET.
With the number and magnitude of cyber events steadily increasing, the financial industry continues to be a significant target. The State of New York’s proposed cyber regulations, covering banks, insurance companies, and other financial institutions licensed in New York, endeavor to protect these organizations from the debilitating losses associated with a cyber event by mandating multiple comprehensive policies, stringent standards and C-Suite certifications. Achieving compliance with these far reaching requirements will require a combination of technical and legal advice.
Governor Cuomo announces proposal for first-in-the-nation cybersecurity regulations to protect consumers and financial institutions for state of New York. [Read article]
Consult with Cyber Advisers about NY DFS
Evolver, a technology company and creator of the “Cyber Risk Ecosystem” provides step-by-step assistance as you implement your program. Working with legal counsel, we deliver the deep experience on cyber regulations that is critical during this time.
New York Department of Financial Services Cyber Requirements:
Establishment of Qualified CISO | Penetration Testing | Notices to Superintendent | Encryption of Data at Rest/Transit | Preservation of Data
Policies and Procedures
Written Cybersecurity Policy | 3rd Party Information Security Policy | Limitations on Data Retention | Training & Monitoring | Incident & Response Plan | Application Security | Risk Assessment
Assessments and Reports
CISO Report | Annual Statement of Compliance | Vulnerability Assessments Risk Assessment | Notice of Cybersecurity Event
If you are uncertain about the proposed regulations, your obligations or the potential impact, we will help you through the process. Working together, we will assess your current cyber profile and address the areas where your organization is noncompliant.