As you probably know by now, on February 16, the State of New York’s Department of Financial Services (DFS) finalized its new cybersecurity regulations, which take effect on March 1, 2017. These regulations are somewhat redundant with others in the financial services industry (i.e. FFIEC, GLBA, NIST CSF, OCC, etc.) but tend to go a bit further with several specific prescriptive requirements. For example, the New York State cybersecurity regulations cover nonpublic data (rather than customer data), mandate the presence of a CISO (or third-party equivalent) and require a program for secure data destruction.To read this article in full or to leave a comment, please click here
Read the full article