If you asked me what the first item of business would be for me as a new CISO or CIO in an organization, my answer would be to perform a cyber security risk assessment to improve overall security management. Actually, I’d probably install an espresso maker, but risk assessments would be a close second. Having a risk assessment done involves identifying… Read More
Less than three weeks remain for New York financial service companies to meet the initial cyber 23 NYCRR 500 security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply. Whether… Read More
The New York State Department of Financial Services (NYDFS) has recently proposed a detailed and wide-ranging set of cyber security regulations for insurers, banks, and other regulated financial entities. While the proposed requirements do not spell out what means may be used to enforce the requirements, nor possible penalties, the NYDFS has broad criminal and civil… Read More