SlideShare a Scribd company logo

New York Cybersecurity Requirements for Financial Services Companies

Citrin Cooperman
Citrin Cooperman

Is Your Strategy in Place to Meet the NYS DFS Regulation? Understanding New York State’s required cybersecurity policies and procedures, how these new regulations apply to you, and what you need to do to become compliant can all be confusing and overwhelming. To help you through this process, Citrin Cooperman and Walker Wilcox Matousek, LLP hosted an informational webinar to walk you through the complexities of this new regulation. Key questions that were answered, include: What’s required under the new regulation? Does this new regulation apply to you? How will you comply with this new regulation? What are the consequences of not complying?

1 of 23
Download to read offline
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM NY Cybersecurity Requirements for Financial Services Companies
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM TODAY’S PRESENTERS David Rosenbaum Principal Citrin Cooperman & Company LLP drosenbaum@citrincooperman.com 914-693-7000 Jeremy Kerman, Esq. Attorney Walker Wilcox Matousek LLP jkerman@wwmlawyers.com 312-244-6700 Celeste King, Esq. Founding Partner Walker Wilcox Matousek LLP cking@wwmlawyers.com 312-244-6700
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT REGULATION? New York State Department of Financial Services 23 NYCRR 500
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT IS CYBERSECURITY? Computers • Desktops • Laptops • Tablets • Phones Networks • Servers • Firewalls • Peripheral devices • Internet of Things (IoT) Data (at rest) • On file servers • On computer hard drives • On backup or removable media • In the Cloud Data (in motion) • Email • Web, portals • Networks, Wi- Fi • Faxes • Phones
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT ARE THE OBJECTIVES OF CYBERSECURITY? • Data Confidentiality • Data Integrity • Data Availability
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHY DOES NEW YORK STATE CARE? • Ever-growing cyber threat • Privacy of NY consumers’ data • Financial risk to covered entities • Financial services industry is a significant target
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM THE BIG 3 QUESTIONS? 1. Do the new regulations affect me? 2. How do I comply with the new regulations? 3. What happens if I do not comply?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM DO THE NEW REGULATIONS AFFECT ME? Regulations govern businesses governed by NYDFS - this includes: • Banks and Trust Companies • Budget Planners • Charitable Foundations • Credit Unions • Insurance Companies (health, life, P&C) • Holding Companies • Investment Companies • Mortgage Bankers and Brokers • “Third-Party Service Providers” of any of the above businesses
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Partial exemptions for companies: • <10 employees • <$5M gross annual revenue in each of last 3 years • <$10M in year-end total assets • No non-public information  Note: What if you go from exempt to non-exempt? DO THE NEW REGULATIONS AFFECT ME?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM HOW DO I COMPLY WITH THE NEW REGULATION? Two broad requirements: 1. Self-Risk Profile Assessment 2. Design and Implementation of Cybersecurity Program &
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Reporting Requirements: • Annual certification confirming compliance • Report any act or attempt, successful or unsuccessful • 72 hours to report cybersecurity event if: • Notice is required for any other agency or gov’t body, or • Event has a “reasonable likelihood” of materially harming any material part of normal operations HOW DO I COMPLY WITH THE NEW REGULATION?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM • Identify and assess both internal and external risks • Defensive infrastructure, policies, and procedures to: • Protect nonpublic information • Deal with any cybersecurity event • Have a written, easily revisable policy, to protect information • Approved by security officer or Board, • Addresses all aspects of cybersecurity • Unique to your business HOW DO I COMPLY WITH THE NEW REGULATION? Risk Assessment:
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Multi-Factor Authentication and Encryption: • Multi-factor authentication strongly encouraged in general • Must be used for anyone externally accessing internal network • Periodically and securely dispose of data • Encrypt nonpublic information, whether at rest or transmitted HOW DO I COMPLY WITH THE NEW REGULATION?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Cybersecurity Personnel, Penetration Testing, and Audit Trail: • Designate CISO • Do penetration monitoring and testing • Audit trail limit user access appropriately • Written procedures for evaluating and testing security of externally developed apps • Qualified cybersecurity personnel to manage risks, and provide updates and training to other personnel HOW DO I COMPLY WITH THE NEW REGULATION?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM THIRD-PARTY SERVICE PROVIDERS • Written policies and procedures that ensure that all data you protect or hold is kept secure • Maintain minimum standards • Periodically update risk assessment for the third-party • Provide guidelines for access controls, use of encryption and notice of any cybersecurity event
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM A NOTE ABOUT INSURANCE • Cyber/data privacy insurance • Directors & Officers Insurance – failure to develop proper procedures or report on time? • Errors and omissions – failure to develop an adequate response plan, failure to properly train, failure to develop procedures?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT HAPPENS IF I DON’T COMPLY? • Not much guidance on enforcement • “The regulation will be enforced by the superintendent pursuant to, and is not intended to limit, the superintendent’s authority under any applicable laws”
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT DO I DO NOW? • Determine if you are eligible for a limited exemption • File Notices of Exemption no later than 9/27/2017 • Self-assess your compliance status • Unless already in compliance – • Undertake a formal gap assessment • Remediate compliance gaps • File annual attestations • Adhere to your policies and procedures • Repeat
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM 23 NYCRR 500 CRITICAL DATES March 1, 2017 Effective Date - NYS Cybersecurity Regulations became effective (23 NYCRR Part 500) August 28, 2017 Deadline for Compliance - Covered Entities are required to be in compliance with the requirements of 23 NYCRR Part 500, unless otherwise specified September 27, 2017 Deadline for Exemption Notice – Covered Entities that qualify for a limited exemption must file a Notice of Exemption by this date. February 15, 2018 Deadline for 1st Annual Certification Submission – Covered Entities are required to file their 1st Certification of Compliance by this date. March 1, 2018 1 Year Transitional Period Ends – Covered Entities are required to be in compliance with the requirements of section 500.04(b), 500.05, 500.09, 500.12, and 500.14(b) of 23 NYCRR Part 500 (see regulations document for details of the sections above) September 3, 2018 18 Month Transitional Period Ends - Covered Entities are required to be in compliance with the requirements of section 500.06, 500.08, 500.13, 500.14(a), and 500.15 of 23 NYCRR Part 500 (see regulations document for details of the sections above) February 15, 2019 Deadline for 2nd Annual Certification Submission– Covered Entities are required to file their 2nd Certification of Compliance by this date. March 1, 2019 Deadline for Full Compliance for All – Covered Entities are required to be fully compliant with the requirements of 23 NYCRR Part 500
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM  www.dfs.ny.gov/legal/regulations/adoptions/dfsrf500txt.pdf  www.dfs.ny.gov/about/whowesupervise.htm  trac@citrincooperman.com for our Self-Assessment Tool NYS DFS RESOURCES
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM QUESTIONS?
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM TODAY’S PRESENTERS David Rosenbaum Principal Citrin Cooperman & Company LLP drosenbaum@citrincooperman.com 914-693-7000 Jeremy Kerman, Esq. Attorney Walker Wilcox Matousek LLP jkerman@wwmlawyers.com 312-244-6700 Celeste King, Esq. Founding Partner Walker Wilcox Matousek LLP cking@wwmlawyers.com 312-244-6700
WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM NY Cybersecurity Requirements for Financial Services Companies

Recommended

TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19
TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19
TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19
Citrin Cooperman
 
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
Citrin Cooperman
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Citrin Cooperman
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
Citrin Cooperman
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
Citrin Cooperman
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Citrin Cooperman
 
A Hacker's Playground - Cyber Risks During COVID-19
A Hacker's Playground - Cyber Risks During COVID-19A Hacker's Playground - Cyber Risks During COVID-19
A Hacker's Playground - Cyber Risks During COVID-19
Citrin Cooperman
 
Top 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providers
Merry D'souza
 

Recommended

TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19
TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19
TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19
Citrin Cooperman
 
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...
Citrin Cooperman
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Citrin Cooperman
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
Citrin Cooperman
 
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...
Citrin Cooperman
 
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Fraud and Security in Uncharted Territory: Considerations in the Age of COVID-19
Citrin Cooperman
 
A Hacker's Playground - Cyber Risks During COVID-19
A Hacker's Playground - Cyber Risks During COVID-19A Hacker's Playground - Cyber Risks During COVID-19
A Hacker's Playground - Cyber Risks During COVID-19
Citrin Cooperman
 
Top 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providers
Merry D'souza
 
Not-For-Profit Risks in the COVID-19 Environment
Not-For-Profit Risks in the COVID-19 EnvironmentNot-For-Profit Risks in the COVID-19 Environment
Not-For-Profit Risks in the COVID-19 Environment
Citrin Cooperman
 
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk AwarenessNFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
Citrin Cooperman
 
Navigating COVID's Impact on the Financial Services Industry
Navigating COVID's Impact on the Financial Services IndustryNavigating COVID's Impact on the Financial Services Industry
Navigating COVID's Impact on the Financial Services Industry
Citrin Cooperman
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye, Inc.
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
Abdul-Hakeem Ajijola
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing
OCTF Industry Engagement
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
Karyl Scott
 
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
Rea & Associates
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
Semir Ibrahimovic
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial Institutions
Colleen Beck-Domanico
 
Role of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve HowseRole of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve Howse
CGTI
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
Dawn Yankeelov
 
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
Citrin Cooperman
 
Cyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate Boards
Cheffley White
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?
PECB
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
Wynyard Group
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
Eric Reehl
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the Boardroom
Marko Suswanto
 
New York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsNew York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity Regulations
Shawn Tuma
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
Shawn Tuma
 

More Related Content

What's hot

Not-For-Profit Risks in the COVID-19 Environment
Not-For-Profit Risks in the COVID-19 EnvironmentNot-For-Profit Risks in the COVID-19 Environment
Not-For-Profit Risks in the COVID-19 Environment
Citrin Cooperman
 
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk AwarenessNFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
Citrin Cooperman
 
Navigating COVID's Impact on the Financial Services Industry
Navigating COVID's Impact on the Financial Services IndustryNavigating COVID's Impact on the Financial Services Industry
Navigating COVID's Impact on the Financial Services Industry
Citrin Cooperman
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye, Inc.
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
Abdul-Hakeem Ajijola
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing
OCTF Industry Engagement
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
Karyl Scott
 
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
Rea & Associates
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
Semir Ibrahimovic
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial Institutions
Colleen Beck-Domanico
 
Role of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve HowseRole of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve Howse
CGTI
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
Dawn Yankeelov
 
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
Citrin Cooperman
 
Cyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate Boards
Cheffley White
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?
PECB
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
Wynyard Group
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
Eric Reehl
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the Boardroom
Marko Suswanto
 

What's hot (20)

Not-For-Profit Risks in the COVID-19 Environment
Not-For-Profit Risks in the COVID-19 EnvironmentNot-For-Profit Risks in the COVID-19 Environment
Not-For-Profit Risks in the COVID-19 Environment
 
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk AwarenessNFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
NFP Speak: COVID-19 Webinar Series - Part 3 - IT & Cybersecurity Risk Awareness
 
Navigating COVID's Impact on the Financial Services Industry
Navigating COVID's Impact on the Financial Services IndustryNavigating COVID's Impact on the Financial Services Industry
Navigating COVID's Impact on the Financial Services Industry
 
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The BreachFireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
FireEye Cyber Defense Summit 2016 Now What - Before & After The Breach
 
Cybersecurity & the Board of Directors
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial Institutions
 
Role of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve HowseRole of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve Howse
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
 
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
What Risk Factors Not-For-Profit Organizations Need to Know in Today's COVID-...
 
Cyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate Boards
 
Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?Business Continuity, Data Privacy, and Information Security: How do they link?
Business Continuity, Data Privacy, and Information Security: How do they link?
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Cyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and PreparationCyber Liability - Insurance Risk Management and Preparation
Cyber Liability - Insurance Risk Management and Preparation
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the Boardroom
 

Similar to New York Cybersecurity Requirements for Financial Services Companies

New York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsNew York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity Regulations
Shawn Tuma
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
Shawn Tuma
 
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal ContractorsArnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
JSchaus & Associates
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law Requirements
Skoda Minotti
 
CBIZ Banking & Financial Services Hot Topics - January 2018
CBIZ Banking & Financial Services Hot Topics - January 2018CBIZ Banking & Financial Services Hot Topics - January 2018
CBIZ Banking & Financial Services Hot Topics - January 2018
CBIZ, Inc.
 
SEC Cybersecurity Disclosure Guidelines
SEC Cybersecurity Disclosure GuidelinesSEC Cybersecurity Disclosure Guidelines
SEC Cybersecurity Disclosure Guidelines
Resilient Systems
 
Presentation for FPANJ Spring 2015 Conference
Presentation for FPANJ Spring 2015 ConferencePresentation for FPANJ Spring 2015 Conference
Presentation for FPANJ Spring 2015 Conference
Bill Despo
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
Kurt Hagerman
 
How South Dakota's BIT defends against cyber threats
How South Dakota's BIT defends against cyber threatsHow South Dakota's BIT defends against cyber threats
How South Dakota's BIT defends against cyber threats
Elasticsearch
 
MCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceMCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance Service
William McBorrough
 
Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016
InvestorSymantec
 
[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...
[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...
[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...
CODE BLUE
 
Cyber TPRM - the journey ahead
Cyber TPRM - the journey aheadCyber TPRM - the journey ahead
Cyber TPRM - the journey ahead
Kevin Duffey
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacy
lgcdcpas
 
2018-11-15 IT Assessment
2018-11-15 IT Assessment2018-11-15 IT Assessment
2018-11-15 IT Assessment
Raffa Learning Community
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Shawn Tuma
 
Cyber Insurance CLE
Cyber Insurance CLE Cyber Insurance CLE
Cyber Insurance CLE
Sarah Stogner
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
Government Technology and Services Coalition
 
Due Diligence: A Necessity in a New Environment
Due Diligence: A Necessity in a New EnvironmentDue Diligence: A Necessity in a New Environment
Due Diligence: A Necessity in a New Environment
Kaufman & Canoles
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentation
Kenneth Dorado, CISA, HCISPP
 

Similar to New York Cybersecurity Requirements for Financial Services Companies (20)

New York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsNew York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity Regulations
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
 
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal ContractorsArnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law Requirements
 
CBIZ Banking & Financial Services Hot Topics - January 2018
CBIZ Banking & Financial Services Hot Topics - January 2018CBIZ Banking & Financial Services Hot Topics - January 2018
CBIZ Banking & Financial Services Hot Topics - January 2018
 
SEC Cybersecurity Disclosure Guidelines
SEC Cybersecurity Disclosure GuidelinesSEC Cybersecurity Disclosure Guidelines
SEC Cybersecurity Disclosure Guidelines
 
Presentation for FPANJ Spring 2015 Conference
Presentation for FPANJ Spring 2015 ConferencePresentation for FPANJ Spring 2015 Conference
Presentation for FPANJ Spring 2015 Conference
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
 
How South Dakota's BIT defends against cyber threats
How South Dakota's BIT defends against cyber threatsHow South Dakota's BIT defends against cyber threats
How South Dakota's BIT defends against cyber threats
 
MCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceMCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance Service
 
Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016
 
[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...
[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...
[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...
 
Cyber TPRM - the journey ahead
Cyber TPRM - the journey aheadCyber TPRM - the journey ahead
Cyber TPRM - the journey ahead
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacy
 
2018-11-15 IT Assessment
2018-11-15 IT Assessment2018-11-15 IT Assessment
2018-11-15 IT Assessment
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
 
Cyber Insurance CLE
Cyber Insurance CLE Cyber Insurance CLE
Cyber Insurance CLE
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
 
Due Diligence: A Necessity in a New Environment
Due Diligence: A Necessity in a New EnvironmentDue Diligence: A Necessity in a New Environment
Due Diligence: A Necessity in a New Environment
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentation
 

More from Citrin Cooperman

How About Provider Relief Funds: Deadlines, Reporting, and Auditing Nuances
How About Provider Relief Funds: Deadlines, Reporting, and Auditing NuancesHow About Provider Relief Funds: Deadlines, Reporting, and Auditing Nuances
How About Provider Relief Funds: Deadlines, Reporting, and Auditing Nuances
Citrin Cooperman
 
C-Suite Snacks Webinar Series: Modern Decision Support
C-Suite Snacks Webinar Series: Modern Decision SupportC-Suite Snacks Webinar Series: Modern Decision Support
C-Suite Snacks Webinar Series: Modern Decision Support
Citrin Cooperman
 
C-Suite Snacks Webinar Series: Building an Advisory Board
C-Suite Snacks Webinar Series: Building an Advisory BoardC-Suite Snacks Webinar Series: Building an Advisory Board
C-Suite Snacks Webinar Series: Building an Advisory Board
Citrin Cooperman
 
C-Suite Snacks Webinar Series: Prepping Your Company's Financials for Sale
C-Suite Snacks Webinar Series: Prepping Your Company's Financials for SaleC-Suite Snacks Webinar Series: Prepping Your Company's Financials for Sale
C-Suite Snacks Webinar Series: Prepping Your Company's Financials for Sale
Citrin Cooperman
 
Preparing for the New Lease Accounting Standard
Preparing for the New Lease Accounting StandardPreparing for the New Lease Accounting Standard
Preparing for the New Lease Accounting Standard
Citrin Cooperman
 
Lease Accounting: Preparing Your Business for 2022
Lease Accounting: Preparing Your Business for 2022Lease Accounting: Preparing Your Business for 2022
Lease Accounting: Preparing Your Business for 2022
Citrin Cooperman
 
High Net Worth Webinar Series - Tax Planning and Update for 2022
High Net Worth Webinar Series - Tax Planning and Update for 2022High Net Worth Webinar Series - Tax Planning and Update for 2022
High Net Worth Webinar Series - Tax Planning and Update for 2022
Citrin Cooperman
 
C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...
C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...
C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...
Citrin Cooperman
 
High Net Worth Webinar Series - The Business of Digital Assets​ & Blockchain
High Net Worth Webinar Series - The Business of Digital Assets​ & BlockchainHigh Net Worth Webinar Series - The Business of Digital Assets​ & Blockchain
High Net Worth Webinar Series - The Business of Digital Assets​ & Blockchain
Citrin Cooperman
 
High Net Worth Webinar Series - Estate Planning Strategies and Updates
High Net Worth Webinar Series - Estate Planning Strategies and UpdatesHigh Net Worth Webinar Series - Estate Planning Strategies and Updates
High Net Worth Webinar Series - Estate Planning Strategies and Updates
Citrin Cooperman
 
Showtime for Shuttered Venue Operators Grant (SVOG) Recipients
Showtime for Shuttered Venue Operators Grant (SVOG) RecipientsShowtime for Shuttered Venue Operators Grant (SVOG) Recipients
Showtime for Shuttered Venue Operators Grant (SVOG) Recipients
Citrin Cooperman
 
C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...
C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...
C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...
Citrin Cooperman
 
Manufacturing & Distribution Update: The Economic Impact on the Industry
Manufacturing & Distribution Update: The Economic Impact on the IndustryManufacturing & Distribution Update: The Economic Impact on the Industry
Manufacturing & Distribution Update: The Economic Impact on the Industry
Citrin Cooperman
 
High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...
High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...
High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...
Citrin Cooperman
 
The New Rage in SALT: State Pass-Through Entity Tax
The New Rage in SALT: State Pass-Through Entity TaxThe New Rage in SALT: State Pass-Through Entity Tax
The New Rage in SALT: State Pass-Through Entity Tax
Citrin Cooperman
 
C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...
C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...
C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...
Citrin Cooperman
 
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
Citrin Cooperman
 
C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...
C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...
C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...
Citrin Cooperman
 
MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...
MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...
MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...
Citrin Cooperman
 
C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...
C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...
C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...
Citrin Cooperman
 

More from Citrin Cooperman (20)

How About Provider Relief Funds: Deadlines, Reporting, and Auditing Nuances
How About Provider Relief Funds: Deadlines, Reporting, and Auditing NuancesHow About Provider Relief Funds: Deadlines, Reporting, and Auditing Nuances
How About Provider Relief Funds: Deadlines, Reporting, and Auditing Nuances
 
C-Suite Snacks Webinar Series: Modern Decision Support
C-Suite Snacks Webinar Series: Modern Decision SupportC-Suite Snacks Webinar Series: Modern Decision Support
C-Suite Snacks Webinar Series: Modern Decision Support
 
C-Suite Snacks Webinar Series: Building an Advisory Board
C-Suite Snacks Webinar Series: Building an Advisory BoardC-Suite Snacks Webinar Series: Building an Advisory Board
C-Suite Snacks Webinar Series: Building an Advisory Board
 
C-Suite Snacks Webinar Series: Prepping Your Company's Financials for Sale
C-Suite Snacks Webinar Series: Prepping Your Company's Financials for SaleC-Suite Snacks Webinar Series: Prepping Your Company's Financials for Sale
C-Suite Snacks Webinar Series: Prepping Your Company's Financials for Sale
 
Preparing for the New Lease Accounting Standard
Preparing for the New Lease Accounting StandardPreparing for the New Lease Accounting Standard
Preparing for the New Lease Accounting Standard
 
Lease Accounting: Preparing Your Business for 2022
Lease Accounting: Preparing Your Business for 2022Lease Accounting: Preparing Your Business for 2022
Lease Accounting: Preparing Your Business for 2022
 
High Net Worth Webinar Series - Tax Planning and Update for 2022
High Net Worth Webinar Series - Tax Planning and Update for 2022High Net Worth Webinar Series - Tax Planning and Update for 2022
High Net Worth Webinar Series - Tax Planning and Update for 2022
 
C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...
C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...
C-Suite Snacks Webinar Series: The Talent Wars - Can Benefits Be Your Secret ...
 
High Net Worth Webinar Series - The Business of Digital Assets​ & Blockchain
High Net Worth Webinar Series - The Business of Digital Assets​ & BlockchainHigh Net Worth Webinar Series - The Business of Digital Assets​ & Blockchain
High Net Worth Webinar Series - The Business of Digital Assets​ & Blockchain
 
High Net Worth Webinar Series - Estate Planning Strategies and Updates
High Net Worth Webinar Series - Estate Planning Strategies and UpdatesHigh Net Worth Webinar Series - Estate Planning Strategies and Updates
High Net Worth Webinar Series - Estate Planning Strategies and Updates
 
Showtime for Shuttered Venue Operators Grant (SVOG) Recipients
Showtime for Shuttered Venue Operators Grant (SVOG) RecipientsShowtime for Shuttered Venue Operators Grant (SVOG) Recipients
Showtime for Shuttered Venue Operators Grant (SVOG) Recipients
 
C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...
C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...
C-Suite Snacks Webinar Series: A Year Like No Other - Manufacturing and Distr...
 
Manufacturing & Distribution Update: The Economic Impact on the Industry
Manufacturing & Distribution Update: The Economic Impact on the IndustryManufacturing & Distribution Update: The Economic Impact on the Industry
Manufacturing & Distribution Update: The Economic Impact on the Industry
 
High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...
High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...
High Net Worth Webinar Series: SALT Thoughts - Pass-Through Entity Taxes & Re...
 
The New Rage in SALT: State Pass-Through Entity Tax
The New Rage in SALT: State Pass-Through Entity TaxThe New Rage in SALT: State Pass-Through Entity Tax
The New Rage in SALT: State Pass-Through Entity Tax
 
C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...
C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...
C-Suite Snacks Webinar Series: What's Your IP Worth? Discovering the Value of...
 
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
C-Suite Snacks Webinar Series: Best-In-Class Finance and Accounting: Should Y...
 
C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...
C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...
C-Suite Snacks Webinar Series: Not Sold on Selling Your Business? Why Now is ...
 
MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...
MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...
MasterSnacks: Cybersecurity - Disaster Recovery: Hoping for the Best but Plan...
 
C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...
C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...
C-Suite Snacks Webinar Series: Mise en Place: Ensuring the Success of Your Bu...
 

Recently uploaded

Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan ChartSatta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results
 
Kirill Klip GEM Royalty TNR Gold Copper Presentation
Kirill Klip GEM Royalty TNR Gold Copper PresentationKirill Klip GEM Royalty TNR Gold Copper Presentation
Kirill Klip GEM Royalty TNR Gold Copper Presentation
Kirill Klip
 
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women MagazineEllen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
CIOWomenMagazine
 
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Kalyan Satta Matka Guessing Matka Result Main Bazar chart
 
Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...
Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...
Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...
➒➌➎➏➑➐➋➑➐➐Dpboss Matka Guessing Satta Matka Kalyan Chart Indian Matka
 
AI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your BusinessAI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your Business
Arijit Dutta
 
TIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup IndustryTIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup Industry
timesbpobusiness
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
jeffkluth1
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
taqyea
 
欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】
欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】
欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】
valvereliz227
 
The Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac SignThe Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac Sign
my Pandit
 
list of states and organizations .pdf
list of states and organizations .pdflist of states and organizations .pdf
list of states and organizations .pdf
Rbc Rbcua
 
IMG_20240615_091110.pdf dpboss guessing
IMG_20240615_091110.pdf dpboss guessingIMG_20240615_091110.pdf dpboss guessing
IMG_20240615_091110.pdf dpboss guessing
CALL❾⓿❹⓿❾❻❸❸❺❹ DPBOSS GUESSING FIX PANNA JODI BLAST
 
The latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from NewentideThe latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from Newentide
JoeYangGreatMachiner
 
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
IPLTech Electric
 
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdfRegistered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
dazzjoker
 
Science Around Us Module 2 Matter Around Us
Science Around Us Module 2 Matter Around UsScience Around Us Module 2 Matter Around Us
Science Around Us Module 2 Matter Around Us
PennapaKeavsiri
 
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
dpbossdpboss69
 
Prescriptive analytics BA4206 Anna University PPT
Prescriptive analytics BA4206 Anna University PPTPrescriptive analytics BA4206 Anna University PPT
Prescriptive analytics BA4206 Anna University PPT
Freelance
 
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
my Pandit
 

Recently uploaded (20)

Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan ChartSatta Matka Dpboss Kalyan Matka Results Kalyan Chart
Satta Matka Dpboss Kalyan Matka Results Kalyan Chart
 
Kirill Klip GEM Royalty TNR Gold Copper Presentation
Kirill Klip GEM Royalty TNR Gold Copper PresentationKirill Klip GEM Royalty TNR Gold Copper Presentation
Kirill Klip GEM Royalty TNR Gold Copper Presentation
 
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women MagazineEllen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women Magazine
 
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Fin...
 
Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...
Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...
Dpboss Matka Guessing Satta Matta Matka Kalyan panel Chart Indian Matka Dpbos...
 
AI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your BusinessAI Transformation Playbook: Thinking AI-First for Your Business
AI Transformation Playbook: Thinking AI-First for Your Business
 
TIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup IndustryTIMES BPO: Business Plan For Startup Industry
TIMES BPO: Business Plan For Startup Industry
 
Part 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 SlowdownPart 2 Deep Dive: Navigating the 2024 Slowdown
Part 2 Deep Dive: Navigating the 2024 Slowdown
 
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
一比一原版新西兰奥塔哥大学毕业证(otago毕业证)如何办理
 
欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】
欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】
欧洲杯赌球-欧洲杯赌球买球官方官网-欧洲杯赌球比赛投注官网|【​网址​🎉ac55.net🎉​】
 
The Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac SignThe Steadfast and Reliable Bull: Taurus Zodiac Sign
The Steadfast and Reliable Bull: Taurus Zodiac Sign
 
list of states and organizations .pdf
list of states and organizations .pdflist of states and organizations .pdf
list of states and organizations .pdf
 
IMG_20240615_091110.pdf dpboss guessing
IMG_20240615_091110.pdf dpboss guessingIMG_20240615_091110.pdf dpboss guessing
IMG_20240615_091110.pdf dpboss guessing
 
The latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from NewentideThe latest Heat Pump Manual from Newentide
The latest Heat Pump Manual from Newentide
 
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
Sustainable Logistics for Cost Reduction_ IPLTech Electric's Eco-Friendly Tra...
 
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdfRegistered-Establishment-List-in-Uttarakhand-pdf.pdf
Registered-Establishment-List-in-Uttarakhand-pdf.pdf
 
Science Around Us Module 2 Matter Around Us
Science Around Us Module 2 Matter Around UsScience Around Us Module 2 Matter Around Us
Science Around Us Module 2 Matter Around Us
 
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian MatkaDpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
Dpboss Matka Guessing Satta Matta Matka Kalyan Chart Indian Matka
 
Prescriptive analytics BA4206 Anna University PPT
Prescriptive analytics BA4206 Anna University PPTPrescriptive analytics BA4206 Anna University PPT
Prescriptive analytics BA4206 Anna University PPT
 
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...
 

New York Cybersecurity Requirements for Financial Services Companies

  • 1. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM NY Cybersecurity Requirements for Financial Services Companies
  • 2. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM TODAY’S PRESENTERS David Rosenbaum Principal Citrin Cooperman & Company LLP drosenbaum@citrincooperman.com 914-693-7000 Jeremy Kerman, Esq. Attorney Walker Wilcox Matousek LLP jkerman@wwmlawyers.com 312-244-6700 Celeste King, Esq. Founding Partner Walker Wilcox Matousek LLP cking@wwmlawyers.com 312-244-6700
  • 3. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT REGULATION? New York State Department of Financial Services 23 NYCRR 500
  • 4. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT IS CYBERSECURITY? Computers • Desktops • Laptops • Tablets • Phones Networks • Servers • Firewalls • Peripheral devices • Internet of Things (IoT) Data (at rest) • On file servers • On computer hard drives • On backup or removable media • In the Cloud Data (in motion) • Email • Web, portals • Networks, Wi- Fi • Faxes • Phones
  • 5. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT ARE THE OBJECTIVES OF CYBERSECURITY? • Data Confidentiality • Data Integrity • Data Availability
  • 6. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHY DOES NEW YORK STATE CARE? • Ever-growing cyber threat • Privacy of NY consumers’ data • Financial risk to covered entities • Financial services industry is a significant target
  • 7. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM THE BIG 3 QUESTIONS? 1. Do the new regulations affect me? 2. How do I comply with the new regulations? 3. What happens if I do not comply?
  • 8. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM DO THE NEW REGULATIONS AFFECT ME? Regulations govern businesses governed by NYDFS - this includes: • Banks and Trust Companies • Budget Planners • Charitable Foundations • Credit Unions • Insurance Companies (health, life, P&C) • Holding Companies • Investment Companies • Mortgage Bankers and Brokers • “Third-Party Service Providers” of any of the above businesses
  • 9. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Partial exemptions for companies: • <10 employees • <$5M gross annual revenue in each of last 3 years • <$10M in year-end total assets • No non-public information  Note: What if you go from exempt to non-exempt? DO THE NEW REGULATIONS AFFECT ME?
  • 10. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM HOW DO I COMPLY WITH THE NEW REGULATION? Two broad requirements: 1. Self-Risk Profile Assessment 2. Design and Implementation of Cybersecurity Program &
  • 11. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Reporting Requirements: • Annual certification confirming compliance • Report any act or attempt, successful or unsuccessful • 72 hours to report cybersecurity event if: • Notice is required for any other agency or gov’t body, or • Event has a “reasonable likelihood” of materially harming any material part of normal operations HOW DO I COMPLY WITH THE NEW REGULATION?
  • 12. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM • Identify and assess both internal and external risks • Defensive infrastructure, policies, and procedures to: • Protect nonpublic information • Deal with any cybersecurity event • Have a written, easily revisable policy, to protect information • Approved by security officer or Board, • Addresses all aspects of cybersecurity • Unique to your business HOW DO I COMPLY WITH THE NEW REGULATION? Risk Assessment:
  • 13. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Multi-Factor Authentication and Encryption: • Multi-factor authentication strongly encouraged in general • Must be used for anyone externally accessing internal network • Periodically and securely dispose of data • Encrypt nonpublic information, whether at rest or transmitted HOW DO I COMPLY WITH THE NEW REGULATION?
  • 14. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM Cybersecurity Personnel, Penetration Testing, and Audit Trail: • Designate CISO • Do penetration monitoring and testing • Audit trail limit user access appropriately • Written procedures for evaluating and testing security of externally developed apps • Qualified cybersecurity personnel to manage risks, and provide updates and training to other personnel HOW DO I COMPLY WITH THE NEW REGULATION?
  • 15. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM THIRD-PARTY SERVICE PROVIDERS • Written policies and procedures that ensure that all data you protect or hold is kept secure • Maintain minimum standards • Periodically update risk assessment for the third-party • Provide guidelines for access controls, use of encryption and notice of any cybersecurity event
  • 16. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM A NOTE ABOUT INSURANCE • Cyber/data privacy insurance • Directors & Officers Insurance – failure to develop proper procedures or report on time? • Errors and omissions – failure to develop an adequate response plan, failure to properly train, failure to develop procedures?
  • 17. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT HAPPENS IF I DON’T COMPLY? • Not much guidance on enforcement • “The regulation will be enforced by the superintendent pursuant to, and is not intended to limit, the superintendent’s authority under any applicable laws”
  • 18. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM WHAT DO I DO NOW? • Determine if you are eligible for a limited exemption • File Notices of Exemption no later than 9/27/2017 • Self-assess your compliance status • Unless already in compliance – • Undertake a formal gap assessment • Remediate compliance gaps • File annual attestations • Adhere to your policies and procedures • Repeat
  • 19. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM 23 NYCRR 500 CRITICAL DATES March 1, 2017 Effective Date - NYS Cybersecurity Regulations became effective (23 NYCRR Part 500) August 28, 2017 Deadline for Compliance - Covered Entities are required to be in compliance with the requirements of 23 NYCRR Part 500, unless otherwise specified September 27, 2017 Deadline for Exemption Notice – Covered Entities that qualify for a limited exemption must file a Notice of Exemption by this date. February 15, 2018 Deadline for 1st Annual Certification Submission – Covered Entities are required to file their 1st Certification of Compliance by this date. March 1, 2018 1 Year Transitional Period Ends – Covered Entities are required to be in compliance with the requirements of section 500.04(b), 500.05, 500.09, 500.12, and 500.14(b) of 23 NYCRR Part 500 (see regulations document for details of the sections above) September 3, 2018 18 Month Transitional Period Ends - Covered Entities are required to be in compliance with the requirements of section 500.06, 500.08, 500.13, 500.14(a), and 500.15 of 23 NYCRR Part 500 (see regulations document for details of the sections above) February 15, 2019 Deadline for 2nd Annual Certification Submission– Covered Entities are required to file their 2nd Certification of Compliance by this date. March 1, 2019 Deadline for Full Compliance for All – Covered Entities are required to be fully compliant with the requirements of 23 NYCRR Part 500
  • 20. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM  www.dfs.ny.gov/legal/regulations/adoptions/dfsrf500txt.pdf  www.dfs.ny.gov/about/whowesupervise.htm  trac@citrincooperman.com for our Self-Assessment Tool NYS DFS RESOURCES
  • 22. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM TODAY’S PRESENTERS David Rosenbaum Principal Citrin Cooperman & Company LLP drosenbaum@citrincooperman.com 914-693-7000 Jeremy Kerman, Esq. Attorney Walker Wilcox Matousek LLP jkerman@wwmlawyers.com 312-244-6700 Celeste King, Esq. Founding Partner Walker Wilcox Matousek LLP cking@wwmlawyers.com 312-244-6700
  • 23. WWW.CITRINCOOPERMAN.COM WWW.WWMLAWYERS.COM NY Cybersecurity Requirements for Financial Services Companies