Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Information Security Forum Maps to New York State Department of Financial Services Cyber Security Requirements

April 2017 by Marc Jacob

As cyber security increasingly becomes a national security issue, governments are
taking a more active role in defining responses to cyber threats. In an initiative
to protect New York’s financial services industry, Governor Andrew Cuomo recently
introduced a new State regulation to protect
consumers and financial institutions from cyber-attacks. Effective March 1, this
risk-driven regulation requires all financial services institutions regulated by the
New York Department of Financial Services (DFS) to establish and maintain a cyber
security program that will protect both customers’ private data and the technology
that supports this.

In an effort to support the New York State DFS cyber security requirements, the
Information Security Forum<http://www.securityforum.org> (ISF) today announced the
creation of a mapping between the DFS regulation and the ISF’s research, tools and
methodologies to aid DFS compliance. The mapping aids DFS compliance by showing
which elements of the ISF’s comprehensive library of good practice can be deployed
to satisfy each of the DFS requirements. This good practice comprises:

* A business-driven approach for identifying information risk in a manner that
reflects risk appetite and recognizes compliance requirements (such as the DFS
regulation), using Information Risk Assessment Methodology

* Detailed guidance on specific controls that can be applied to mitigate
information risk and enhance cyber resilience (including those specifically
referenced by the DFS regulation, such as enhanced Access Control), captured in
one place.

* Topic-specific ’deeper dive’ material that provides further implementation
guidance in areas of particular importance to cyber security, such as threat
intelligence and application security

While the ISF has created a mapping between the DFS regulation and the ISF’s
research, tools and methodologies to aid DFS compliance, the organization recognizes
that many businesses lack the time, resources or in-house expertise to deliver this
business essential project. ISF Consultancy Services are available to provide
independent and objective guidance that unleash the full potential of ISF
deliverables in a way that is pragmatic and cost-efficient. ISF Consultancy Services
provide organizations with a variety of business solutions which are tailored to
meet their immediate business requirements. ISF consultants provide customized,
professional support and training to strengthen an organization’s cyber resilience
and information risk management arrangements, therefore equipping them to respond to
rapidly evolving security threats.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts