New York Upgrades Cybersecurity Regulations For Finance

In the ever changing and increasingly connected technology age, the amount of vulnerable information regarding financial details is becoming somewhat insurmountable.

One organization in the U.S. that has been paying close attention to cybersecurity threats in this area is the New York State Department of Financial Services (DFS). As it recently found cybercriminals trying to gain access to sensitive electronic data, the group has put into place safeguards that have been made effective today (Mar. 1).

In hopes of dissuading cybersecurity penetration from nation-states, terrorist organizations and independent criminal actors, DFS’ new regulations seek to address the risks to all regulated entities in the state by putting standards in place. Regulators are seeking to protect customer information in tangent with the information technology systems of regulated entities.

Every company will now be required to analyze any cybersecurity vulnerabilities in a risk profile and develop a system to address those in a serious manner. In this new regulation, senior management will hold sole responsibility for the company’s cybersecurity program and will be required to submit a yearly certificate to authenticate its compliance with these activities.

While this may seem like an easy task for some, there’s a chance that the process could become cumbersome. The DFS is giving organizations 180 days after its effective date to put these practices in place. At this time, there have not been any penalties outlined for those that do not meet these new regulation standards.