NY DFS Tightens Screws on 3rd Party Cyber-Risk for Financial Firms

NY DFS Tightens Screws on 3rd Party Cyber-Risk for Financial Firms

ACE IT Solutions Managing Partner, Warren Finkel, recently spoke to FinOps about New York State’s Department of Financial Services new rules on managing cyber-risks and how banks are expected to protect critical non-public customer data.

“Out of sight doesn’t mean out of mind when it comes to following New York State’s new rigorous rules on how banks must manage cybersecurity risk.

Cybersecurity information security officers (CISOs), IT directors, compliance managers, legal counsel, and vendor procurement specialists will need to work together to perform due diligence on third-party vendors, negotiate new contracts, revise old contracts and continually monitor third-party relationships. The same principles associated with any outsourced service also apply to third-party cybersecurity risk management.” Read more . . .