New York State Department of Financial Services (NYS DFS) cybersecurity proposal issues a regulation protecting consumers data from banks, insurance companies, and other financial services institutions.
New NYS DFS Regulations
NYS DFS cyber security notice states that the proposed regulation will be effective March 1, 2017. The new cyber security regulations will require financial institutions to protect consumer data and maintain a mature cyber security program at their organizations. These regulations expand further than protecting Nonpublic Personal Information (NPI) but will not also include the regulations of non-public business information. The NYS DFS Regulations will also mandate penetration testing and require that data incidents be reported to NYS DFS within 72 hours.
The regulations state that all financial institutions must conduct a risk assessment which will allow the organization to truly understand the information they hold and the risks to their businesses. Part of this cyber security program also includes the organization to have a Vendor Risk and Third Party Service Provider management program in place. The Vendor Risk Management policy will ensure that security of Information Systems and Nonpublic Information that are accessible to Third Party Service Providers.
These new regulations should mature the cyber security practices in the financial services industry and will make these programs more effective through outlines risk assessment guidelines to follow. Fines will be enforced, so the cyber security practice must be taken seriously. The results will net a stronger Governance, Risk and Compliance standards for the organization. Click here to review more information about the cybersecurity requirements for financial services companies
Type of Institutions that fall under these new New York State Department of Financial Services Cyber Security Regulations are:
- Banks & Trust Companies
- Budget Planners
- Charitable Foundations
- Check Cashers
- Credit Unions
- Domestic Representative Offices
- Foreign Agencies, Bank Branches, and Representative Offices
- Health Insurers, Accident, and Related Entities
- Holding Companies
- Investment Companies
- Licensed Lenders
- Life Insurance Companies
- Money Transmitters
- Mortgage Bankers, Brokers, Loan Originators and Loan Services
- New York State Regulated Corporations
- Premium Finance Agencies
- Private Bankers
- Property and Casualty Insurance Companies
- Safe Deposit Companies
- Sales Finance Companies
- Savings Banks and Savings and Loan Associations (S&Ls)
- Service Contract Providers
- Banks & Trust Companies
Finally, for more information, feel free to reach out to us on our Financial Services Risk Assessment Services at [email protected], thank you!