Cybersecurity Regulation for Financial Service Companies: New York State Leads the Way
Author: Joseph D. Simon.; Elizabeth A. Murphy.
Source: Volume 30, Number 04, Summer 2017 , pp.27-36(10)
< previous article |next article > |return to table of contents
Abstract:
Financial services companies are facing new and increased risks of cyber-attacks that have the potential to significantly disrupt both the companies and their customers, and potentially to impact the entire U.S. economy. As result, the New York State Department of Financial Services has issued a far-reaching, “first-in-the-nation,” cybersecurity regulation that requires financial services companies regulated in New York to adopt a program and policy to prevent, detect, and respond to cybersecurity threats. This article discusses who is subject to the regulation and the requirements that are imposed, and provides insight on how the regulation is likely to impact the financial services industry as a whole.Keywords: cybersecurity, Chief Information Security Officer (CISO), monitoring, vulnerability, risk assessment, penetration testing, third-party services provider security
Affiliations:
1: Cullen and Dykman LLP; 2: Cullen and Dykman LLP.