Collaborate Disseminate
New York First in Nation to Implement Statewide Cybersecurity Regulation for Financial Services Industry
One point five million dollars. That’s how much it’s going to cost an independent mortgage lender after New York’s Department of Financial Ser… Continue reading NYDFS Levels First NYCRR 500 Penalties | Apptega
23 NYCRR 500, also known as NYDFS Cybersecurity Regulation, is a law issued by the New York State Department of Financial Services (NYDFS) that mandates the enforcement of optimal data security standards to safeguard websites and apps. 23 NYCRR 500 […]… Continue reading A New York special: NYDFS cybersecurity regulation (23 NYCRR 500)
Three years after enacting one of the most exacting cybersecurity regulations in the United States, the New York State Department of Financial Services (NYDFS) recently filed its first cybersecurity enforcement action. This enforcement action shows the importance of mitigating legal risks when addressing cybersecurity risks. NYDFS alleged that First American Financial, one of the country’s largest providers of title insurance, failed to properly address a known security vulnerability on its website that allowed millions of documents containing consumers’ nonpublic information to be exposed. After the vulnerability surfaced in a penetration test, First American misclassified the vulnerability as “low,” failed to investigate the vulnerability in the timeframe set by the company’s cybersecurity policy, the scope of documents that were exposed, and heed the recommendations of its in-house cybersecurity team. The timing of the NYDFS’s inaugural enforcement action shows that cybersecurity remains a key priority for government agencies, even during the COVID-19 […]
The post 3 strategies for addressing sensitive legal cybersecurity issues appeared first on CyberScoop.
Continue reading 3 strategies for addressing sensitive legal cybersecurity issues
In our 2020 Trends blog, Imperva CTO Kunal Anand predicts that fully automated processes will make compliance more rapid and less expensive. As businesses incorporate security into software development lifecycles (SDLC), continuous integration-continuo… Continue reading Making Compliance and Risk Part of DevOps – 2020 Trend #4
NYDFS Cybersecurity Regulation, 23 NYCRR 500 On March 1, 2017, the New York State Department of Financial Services (NYDFS) introduced new cybersecurity regulations for financial services companies that address the growing threat posed by cyber-cr… Continue reading What is NYDFS?
The Sarbanes-Oxley Act (SOX) was introduced following a number of financial scandals involving huge conglomerates and obliges companies to establish internal controls to prevent fraud and abuse, holding senior managers accountable for the accuracy of f… Continue reading Key Compliance Concepts for Financial Services
Organizations have much more than just data to lose in a third-party breach. Besides losing consumer confidence and loyalty, companies can face costly penalties for violating data privacy regulations.
The post Tips for Your Vendor Security: … Continue reading Tips for Your Vendor Security: Complying With Regulations
Cybersecurity is important for companies in all industries, however it’s extremely critical for the financial sector. The state government of New York has provided assistance by adding additional security measures for the financial indus… Continue reading 5 Minute Guide: The NYDFS 500 Cybersecurity Regulations
The two-year implementation period for the New York Department of Financial Services (NYDFS) cybersecurity regulation, 23 NYCRR 500, will be over on March 1. This means that the final requirement involving entities that use third-party providers w… Continue reading NYDFS Cybersecurity Regulation Deadline Looming
There is a lot happening in regards to regulation for financial institutions (FIs) around the globe. In many countries, there is a drive for further regulation; meanwhile in the U.S., we are seeing bank regulation reform and deregulation, as evidenced… Continue reading Top Banking Regulations & Security Compliance Requirements for 2018