Cybersecurity Requirements For Financial Service Companies
New York State Department of Financial Services (“DFS”), closely following the evergrowing threats to information and financial systems of nation-states, the terrorist organizations. Recently attackers try to use technological vulnerabilities to gain access to electronic data. Cybercriminals can lead to significant financial losses DFS regulated entities as well as consumers in New York, whose personal information may be disclosed and / or stolen for illegal purposes. The financial services industry is an important subject of cyber security threats. DFS understands that many firms are actively increased their programs in the field of cyber security with great success.
The new edition comes into its force from March 1, 2017 the official collection of codes, rules and regulations of the State of New York.
Changes were sledushchego:
1. Section 500.00 Introduction.
2. Section 500.01 Definitions.
3. Section 500.02 Cybersecurity Program.
4. Section 500.03 Cybersecurity Policy.
5. Section 500.04 Chief Information Security Officer.
6. Section 500.05 Penetration Testing and Vulnerability Assessments.
7. Section 500.06 Audit Trail.
8. Section 500.07 Access Privileges
9. Section 500.08 Application Security.
10.Section 500.09 Risk Assessment.
11. Section 500.10 Cybersecurity Personnel and Intelligence.
12. Section 500.11 Third Party Service Provider Security Policy.
13. Section 500.12 Multi-Factor Authentication.
14. Section 500.13 Limitations on Data Retention.
15. Section 500.14 Training and Monitoring
16. Section 500.15 Encryption of Nonpublic Information.
17. Section 500.16 Incident Response Plan.
18. Section 500.17 Notices to Superintendent.
19. Section 500.18 Confidentiality.
20. Section 500.19 Exemptions.
21. Section 500.20 Enfortsement
22. Section 500.22 Transitional Periods.
23. Section 500.23 Severability.
The number of cyber events has been steadily increasing and estimates of potential risk to our financial services industry are stark. Adoption of the program outlined in these regulations is a priority for New York State.