AWA’s NYDFS Cybersecurity Services
The New York Department of Financial Services (NYDFS) has issued its long-awaited cybersecurity regulation which applies to all organizations operating within its jurisdiction. This includes entities with a license, registration, or charter, and others that fall within New York DFS regulations. It also applies to unregulated third-party service providers for regulated organizations.
AWA cybersecurity experts assist financial institutions in preparing their information security programs for NYDFS compliance. This includes setting up security policies and implementing practices that address data breach notifications, access control, disaster recovery, network security, data privacy controls, auditing, and risk assessments.
Since NYDFS cybersecurity requirements went into effect in 2019, financial institutions are required to appoint a chief information security officer (CISO) and maintain complete cybersecurity policies and an incident response plans. Further, the NYDFS Framework outlines specific standards and procedures to help safeguard against a range of cyberattacks including denial-of-service attacks, viruses, malware, phishing expeditions and other disruptive threats.
What Are NYDFS Regulations?
NYDFS cybersecurity regulations are applicable to licensed entities, such as banks and lenders, cybersecurity firms and technology companies providing financial services, which operate within New York State. NYDFS also regulates New York-based entities, even if they’re not NYDFS licensed, and companies based out of state which do business in New York (e.g., money transmitters, virtual currency exchanges, etc).
NYDFS is a high priority since it is the first financial regulator in the United States to regulate cybersecurity standards. Contact AWA to learn more about NYDFS cybersecurity services.