“The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: Cybersecurity is much more than an IT topic.” Stephane Nappo
And now Part 2 of the 2-part premiere of DYKT? Snippets. We’re closing out the conversation about the New York State Department of Financial Services (NYSDFS) Part 500 cyber regulations. Be sure to watch Part 1 before diving into these videos.
For context, here are some links for the regulations & the actual requirements:
Who NYSDFS Supervises: https://www.dfs.ny.gov/who_we_supervise
NYSDFS Industry Definitions: https://www.dfs.ny.gov/institution_definition
NYSDFS Cybersecurity Resource Ctr: https://www.dfs.ny.gov/industry_guidance/cybersecurity
Regulation Sections:
500.02 – Cybersecurity Program
500.03 – Cybersecurity Policy
500.04 – Chief Information Security Officer (exempt)
500.05 – Penetration Testing & Vulnerability Assessments (exempt)
500.06 – Audit Trail (exempt)
500.07 – Access Privileges
500.08 – Application Security (exempt)
500.09 – Risk Assessment
500.10 – Cybersecurity Personnel and Intelligence (exempt)
500.11 – Third Party Service Provider Security Policy
500.12 – Multi-Factor Authentication (exempt)
500.13 – Limitations on Data Retention
500.14 – Training and Monitoring (exempt)
500.15 – Encryption of Nonpublic Information (exempt)
500.16 – Incident Response Plan (exempt)
500.17 – Notices to Superintendent
Music: “Camaro” by Oliver Michael via Artlist