Digital4nx Group, Ltd.

  • About Us
    • Who We Serve
    • Close
  • Digital Litigation Support Services
    • Digital Forensic Investigations
    • Electronic Discovery Hosting, Consulting, and Advisory
    • Early Case Assessment
    • Expert Witness Testimony
    • Close
  • Cyber Security Services
    • Advanced Ethical Hacking
    • Vulnerability Assessment
    • Post-Breach Incident Response
    • Cyber Awareness Training
    • Cyber Risk and Compliance Assessment
    • CISO-As-A-Service
    • Close
  • News and Case Studies
  • Events
  • Contact Us
    • Subscribe to Newsletter
    • Close
You are here: Home / Announcement / Cyber Security Requirements For Financial Services Companies

Cyber Security Requirements For Financial Services Companies

October 13, 2016 by Rob Kleeger

The New York Department of Financial Services (NYDFS) has proposed regulations that require all financial services businesses operating in New York to develop and maintain a comprehensive Cyber Security program.  The regulations impose significant, yet minimum Cyber Security requirements, and mandate board of director involvement and accountability.

The NYDFS proposed regulations apply to every business operating in New York that is required to have a “license, registration, charter, certificate, permit, accreditation or similar authorization” under New York’s banking insurance or financial services law.

While this includes banks and insurers, it also includes related businesses. Brokers, including mortgage and insurance brokers, as well as bail bond agents, check cashers, non-profit credit counselors and budget planners, licensed lenders, premium finance agencies, and others, are potentially subject to the regulations. You can see the other NYDFS supervised businesses discussed here.

The requirements for Cyber Security program must serve six core functions:

  1. IDENTIFY INTERNAL AND EXTERNAL CYBER RISKS;
  2. USE DEFENSIVE INFRASTRUCTURE;
  3. DETECT CYBER SECURITY EVENTS;
  4. RESPOND TO AND MITIGATE IDENTIFIED OR DETECTED CYBER SECURITY EVENTS;
  5. RECOVER FROM CYBER SECURITY EVENTS AND RESTORE NORMAL OPERATIONS; AND,
  6. MEET REGULATORY REPORTING OBLIGATIONS.

In addition, the Cyber security programs must include regular employee training on Cyber security, and contain controls sufficient to monitor user activity and detect unauthorized user access.

For several years, Digital4nx Group has been providing “Ethical hacking” Security assessments, which we define as, a service where we attack your network and computer systems using real-world tools and techniques in order to find security weaknesses. Having an independent team of experts audit your security is a valuable tool that is guaranteed to uncover vulnerabilities and greatly increase your level of security.

For many organizations and especially organizations regulated by DFS, Digital4nx Group will provide an annual service which consists of a set of proactive services. This annual service is a set of proactive services designed to simulate a real-world attack on your network, without the end-goal of causing harm, in order to identify, prioritize and remediate information security issues and potential exposures which could cause various risks for the organization.

For more information, please give us a call or learn more about the program here and return the attached questionnaire for a fixed fee price.

Filed Under: Announcement, Educational Tagged With: Cyber Security, DFS, NEW YORK, NEW YORK DEPARTMENT OF FINANCIAL SERVICES

Case Studies

  • When The Hack of a Business Partner is Just as Bad as the Compromise of Your Own Systems.
  • The Threat From Within – Theft of IP
  • Digital4nx Group recognized and honored by Enterprise Security
  • Digital4nx Group Case Study: “Holy SH IT Co: Former IT Exec Cited For Anti-Forensic Program Use”
  • Digital4nx Group Case Study: “Sealed with a KISS”

Categories

  • Announcement
  • Article
  • Case Studies
  • Educational
  • Events
  • Press Release
  • Seminar
  • Webinar

Twitter feed is not available at the moment.

Digital Litigation Support Service

  • DLSS – Digital Litigation Support Services
  • Digital Forensic Investigations
  • Electronic Discovery Hosting, Consulting, and Advisory
  • Early Case Assessment
  • Expert Witness Testimony

Cyber Security Services

  • Cyber Security Services
  • Advanced Ethical Hacking
  • Vulnerability Assessment
  • Post-Breach Incident Response
  • Cyber Awareness Training
  • Cyber Risk and Compliance Assessment
  • CISO-As-A-Service

Case Studies

  • When The Hack of a Business Partner is Just as Bad as the Compromise of Your Own Systems.
  • The Threat From Within – Theft of IP
  • Digital4nx Group recognized and honored by Enterprise Security

Contact Us

Digital4nx Group, Ltd.
8 S. Main St - Unit 70,
Marlboro Township, NJ 07746
info@digital4nxgroup.com
732-786-4062

Subscribe to Newsletter
© 2019 Digital4nx Group, Ltd. | All Rights Reserved. Sitemap · Privacy Policy