The IT Law Wiki

Cybersecurity Requirements for Financial Services Companies

32,080pages on
this wiki
Add New Page
Add New Page Talk0

Citation Edit

New York Department of Financial Services, Cybersecurity Requirements for Financial Services Companies (Proposed), 23 NYCRR 500 (Sept. 13, 2016) (full-text).

Overview Edit

This regulation requires banks, insurance companies, and other financial services institutions regulated by the State Department of Financial Services to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State's financial services industry.

It requires regulated financial institutions to establish a cybersecurity program; adopt a written cybersecurity policy; designate a Chief Information Security Officer responsible for implementing, overseeing and enforcing its new program and policy; and have policies and procedures designed to ensure the security of information systems and nonpublic information accessible to, or held by, third-parties, along with a variety of other requirements to protect the confidentiality, integrity and availability of information systems.

Also on Fandom

Random Wiki