• New York DFS
    Cybersecurity Regulation

Getting ready for new cybersecurity regulation.

New York has enacted a rigorous, first-in-the-nation cybersecurity regulation for financial institutions, and others that do business in the state.

The requirements from Department of Financial Services (DFS) go beyond what we’ve historically seen from regulators. Banks, insurance companies, and companies that do business in New York must now, among other things, assess their cyber risks, implement a comprehensive, written cybersecurity program, and manage the cyber risks of their third-party vendors. The groundbreaking regulation holds company board members personally liable for annual compliance certification.

Various requirement deadlines present immediate operational and risk management challenges for the many organizations across the globe that do business in the State of New York. For some requirements, the deadline is 180 days or less from March 1, 2017.

BDO’s cybersecurity team is well-versed in the DFS regulation. We help companies – and their boards of directors – both mitigate risk and ensure compliance with all aspects of the DFS regulation including:  

  • Data Governance and Classification
  • Asset Inventory and Device Management
  • Physical Security and Environmental Controls
  • Third-Party Vendor Management
  • Board Education
And by leveraging BDO’s proprietary cyber risk assessment tool – a secure, web-based solution that examines areas of potential technology risk – organizations can swiftly and cost-effectively measure the efficacy of their cyber risk management program against the regulatory mandates and identify areas of non-compliance.

To learn more about the NY DFS regulation, read this BDO Cybersecurity Alert.
Country: United States Change