SlideShare une entreprise Scribd logo

New York DFS proposed cybersecurity regulations

Brunswick Group
Brunswick Group

The proposed cybersecurity regulations from the New York Department of Financial Services would impose significant new compliance responsibilities on over 4,000 financial institutions in New York. The regulations set the most prescriptive standards among any state or federal agency and would require companies to establish comprehensive cybersecurity programs, designate cybersecurity personnel, and report any cyber incidents within 72 hours. The regulations have major implications for communications professionals in developing robust cybersecurity response plans, preparing for potential leaks, and ensuring effective employee training on cybersecurity awareness.

Business
1  sur  3
Télécharger pour lire hors ligne
© Brunswick | 2016 | Confidential | 1 PublicAffairsAdviceNote September 22, 2016 Subject: Proposed cybersecurity regulations from the NY Department of Financial Services Summary Groundbreaking cybersecurity regulations proposed this month by the New York State Department of Financial Services would impose significant new compliance responsibilities. The proposed regulations raise the bar for communications and public affairs professionals in particular around cybersecurity planning and response. Overview and Background In mid-September, New York Governor Andrew Cuomo proposed far-reaching cyber security regulations applying to the roughly 4,000 banks, insurance companies, or other financial services institutions regulated by the New York State Department of Financial Services. The proposed regulations are the most prescriptive and ambitious among any state or federal agency. Given New York’s leadership in financial services, these regulations set a precedent that will likely influence other jurisdictions. The proposed regulations, which are subject to a public comment period and take effect in January, 2017, could have significant implications for communicators, requiring in many cases a reassessment of cyber risk policies in place within their companies.
© Brunswick | 2016 | Confidential | 2 Key Features of the Proposed Rules The proposed regulations far surpass existing federal or state regulations on cybersecurity, and will require a deeper approach and greater integration between legal, communications, and technology planning and strategies. The regulations would require that institutions regulated by the NY DFS establish and maintain a cybersecurity program, which includes, but is not limited to:  Regular identification of external and internal cyber risks and use of defensive infrastructure to reduce risks.  A written cybersecurity policy setting forth protocols for security, monitoring, and incident response reviewed by the company’s board of directors.  Designation of a chief information security officer.  Employment and regular training of cybersecurity personnel and increased cyber awareness for all personnel.  An information security policy for managing third party vendors, including establishing “preferred provisions” for inclusion in vendor contracts.  An incident response plan to respond to and recover from a cybersecurity incident.  Notification of the DFS within 72 hours of a cyber event. For full details, please see the full proposed regulations. Communications and Public Relations Implications © Brunswick 2016 1 New York DFS Proposed Cybersecurity Regulations: What Communicators Need to Think About Do you have an incident response plan that includes internal and external communications? Are you prepared for stringent new reporting requirements for cybersecurity incidents? Do you have effective employee communications programs around cybersecurity? 1 2 3 Is communications planning robust, defining roles and responsibilities throughout the company, and tested in simulations? Do you have a leak strategy, and do you have relevant documents (e.g., holding statements, talking points) in place? Is your cybersecurity awareness program conveyed to employees in a way they will understand?
© Brunswick | 2016 | Confidential | 3 Every company holds data, and these proposed regulations create a business and legal case for taking strong measures to mitigate cyber risks—including reputational ones. Companies should take this opportunity to look closely at their communications response plan, employee education and training, and preparation for cyber incident leaks. Even for companies who have each of these elements in place, the proposed regulations may require changes. Communications departments should consider the following in light of the proposed regulations:  The proposed regulations are far more prescriptive around incident response plans, and specifically require that plans include “external and internal communications and information sharing.” Communications plans have always been critical for reputation protection, and are now necessary to comply with NY DFS regulations. All companies subject to the DFS regulations should ensure robust cyber communications plans are in place.  The proposed regulations tighten reporting requirements, requiring notification of the superintendent of the NY DFS no later than 72 hours after a company becomes aware of a cybersecurity incident. Companies should prepare in advance for any public leakage of reports. Preparations should include, but are not limited to: media holding statements, stakeholder mapping to anticipate and plan responses, talking points for various stakeholders, and a leak strategy.  The regulations require that all personnel attend regular cybersecurity awareness training. Companies should ensure that training materials, and employee engagement around cybersecurity, be in accordance with their cultures and effectively communicated to all employees. For further information on communications planning, please contact cybersecurityUS@brunswickgroup.com.

Recommandé

How to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsHow to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsKyle Brown
 
Brunswick Intelligence - Building reputational resilience to cyber attack
Brunswick Intelligence - Building reputational resilience to cyber attackBrunswick Intelligence - Building reputational resilience to cyber attack
Brunswick Intelligence - Building reputational resilience to cyber attackBrunswick Group
 
NYS DFS CyberSecurity Regulations
NYS DFS CyberSecurity RegulationsNYS DFS CyberSecurity Regulations
NYS DFS CyberSecurity RegulationsJon Bosco
 
The Legal Case for Cybersecurity
The Legal Case for CybersecurityThe Legal Case for Cybersecurity
The Legal Case for CybersecurityShawn Tuma
 
New York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsNew York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsShawn Tuma
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsColleen Beck-Domanico
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber SurveyKristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber SurveyGovernment Technology and Services Coalition
 

Recommandé

How to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsHow to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsKyle Brown
 
Brunswick Intelligence - Building reputational resilience to cyber attack
Brunswick Intelligence - Building reputational resilience to cyber attackBrunswick Intelligence - Building reputational resilience to cyber attack
Brunswick Intelligence - Building reputational resilience to cyber attackBrunswick Group
 
NYS DFS CyberSecurity Regulations
NYS DFS CyberSecurity RegulationsNYS DFS CyberSecurity Regulations
NYS DFS CyberSecurity RegulationsJon Bosco
 
The Legal Case for Cybersecurity
The Legal Case for CybersecurityThe Legal Case for Cybersecurity
The Legal Case for CybersecurityShawn Tuma
 
New York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsNew York Department of Financial Services Cybersecurity Regulations
New York Department of Financial Services Cybersecurity RegulationsShawn Tuma
 
Cyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsCyber Security Tips and Resources for Financial Institutions
Cyber Security Tips and Resources for Financial InstitutionsColleen Beck-Domanico
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber SurveyKristina Tanasichuk: Presentation of GTSC/InfraGard Cyber Survey
Kristina Tanasichuk: Presentation of GTSC/InfraGard Cyber SurveyGovernment Technology and Services Coalition
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsGovernment Technology and Services Coalition
 
Data breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundationData breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundationBradley Arant Boult Cummings LLP
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentationKenneth Dorado, CISA, HCISPP
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2Semir Ibrahimovic
 
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...Government Technology and Services Coalition
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500Shawn Tuma
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesUlf Mattsson
 
Cybersecurity: Protection strategies from Cisco and Next Dimension
Cybersecurity: Protection strategies from Cisco and Next DimensionCybersecurity: Protection strategies from Cisco and Next Dimension
Cybersecurity: Protection strategies from Cisco and Next DimensionNext Dimension Inc.
 
Cyber security reguations: The shape of things to come for captives?
Cyber security reguations: The shape of things to come for captives?Cyber security reguations: The shape of things to come for captives?
Cyber security reguations: The shape of things to come for captives?Daniel Message
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?PECB
 
The developing world of cyber litigation and compliance
The developing world of cyber litigation and complianceThe developing world of cyber litigation and compliance
The developing world of cyber litigation and compliancePECB
 
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Shawn Tuma
 
Collateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsCollateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsPECB
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Richard Brzakala
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthPECB
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachFletcher Media
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacylgcdcpas
 
Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-IT Strategy Group
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityErnest Staats
 
Cyber ANPR Regulatory Alert - October 2016
Cyber ANPR Regulatory Alert - October 2016Cyber ANPR Regulatory Alert - October 2016
Cyber ANPR Regulatory Alert - October 2016Ben-Ari Boukai
 
SECURITY
SECURITYSECURITY
SECURITYTony Fanelli
 

Contenu connexe

Tendances

The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500Shawn Tuma
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesUlf Mattsson
 
Cybersecurity: Protection strategies from Cisco and Next Dimension
Cybersecurity: Protection strategies from Cisco and Next DimensionCybersecurity: Protection strategies from Cisco and Next Dimension
Cybersecurity: Protection strategies from Cisco and Next DimensionNext Dimension Inc.
 
Cyber security reguations: The shape of things to come for captives?
Cyber security reguations: The shape of things to come for captives?Cyber security reguations: The shape of things to come for captives?
Cyber security reguations: The shape of things to come for captives?Daniel Message
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?PECB
 
The developing world of cyber litigation and compliance
The developing world of cyber litigation and complianceThe developing world of cyber litigation and compliance
The developing world of cyber litigation and compliancePECB
 
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Shawn Tuma
 
Collateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsCollateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsPECB
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Richard Brzakala
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthPECB
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachFletcher Media
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacylgcdcpas
 
Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-IT Strategy Group
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityErnest Staats
 

Tendances (20)

The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
 
Data breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundationData breach-response-planning-laying-the-right-foundation
Data breach-response-planning-laying-the-right-foundation
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentation
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
GTSC Annual Meeting 2014: Justin Chiarodo: Ethics & Compliance: Suspension an...
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
 
Cybersecurity: Protection strategies from Cisco and Next Dimension
Cybersecurity: Protection strategies from Cisco and Next DimensionCybersecurity: Protection strategies from Cisco and Next Dimension
Cybersecurity: Protection strategies from Cisco and Next Dimension
 
Cyber security reguations: The shape of things to come for captives?
Cyber security reguations: The shape of things to come for captives?Cyber security reguations: The shape of things to come for captives?
Cyber security reguations: The shape of things to come for captives?
 
Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?Digital Forensics 101 – How is it used to protect an Organization’s Data?
Digital Forensics 101 – How is it used to protect an Organization’s Data?
 
The developing world of cyber litigation and compliance
The developing world of cyber litigation and complianceThe developing world of cyber litigation and compliance
The developing world of cyber litigation and compliance
 
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
 
Collateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisationsCollateral Damage: Cyberwar and its affect on organisations
Collateral Damage: Cyberwar and its affect on organisations
 
Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals Law Firm Hacked by Cyber Criminals
Law Firm Hacked by Cyber Criminals
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in Depth
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data Breach
 
Emerging Trends in Information Security and Privacy
Emerging Trends in Information Security and PrivacyEmerging Trends in Information Security and Privacy
Emerging Trends in Information Security and Privacy
 
Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-Defensible cybersecurity-jan-25th-
Defensible cybersecurity-jan-25th-
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber Security
 

Similaire à New York DFS proposed cybersecurity regulations

Cyber ANPR Regulatory Alert - October 2016
Cyber ANPR Regulatory Alert - October 2016Cyber ANPR Regulatory Alert - October 2016
Cyber ANPR Regulatory Alert - October 2016Ben-Ari Boukai
 
What Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure SectorWhat Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure SectorCBIZ, Inc.
 
Maintain data privacy during software development
Maintain data privacy during software developmentMaintain data privacy during software development
Maintain data privacy during software developmentMuhammadArif823
 
Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCiente
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAGovCloud Network
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Manuel Guillen
 
Department of Homeland Security Guidance
Department of Homeland Security GuidanceDepartment of Homeland Security Guidance
Department of Homeland Security GuidanceMeg Weber
 
DHS Guidelines
DHS GuidelinesDHS Guidelines
DHS GuidelinesMeg Weber
 
Risk & Advisory Services: Quarterly Risk Advisor March 2017
Risk & Advisory Services: Quarterly Risk Advisor March 2017Risk & Advisory Services: Quarterly Risk Advisor March 2017
Risk & Advisory Services: Quarterly Risk Advisor March 2017CBIZ, Inc.
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldnooralmousa
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assetscyberprosocial
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...TraintechTde
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsSkoda Minotti
 
Module 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfModule 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfHumphrey Humphrey
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxsoulscout02
 
A Guide for Businesses.pdf
A Guide for Businesses.pdfA Guide for Businesses.pdf
A Guide for Businesses.pdfDaviesParker
 
G7 fundamental elements_oct_2016
G7 fundamental elements_oct_2016G7 fundamental elements_oct_2016
G7 fundamental elements_oct_2016Kathleen Hamm
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxchristiandean12115
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 

Similaire à New York DFS proposed cybersecurity regulations (20)

Cyber ANPR Regulatory Alert - October 2016
Cyber ANPR Regulatory Alert - October 2016Cyber ANPR Regulatory Alert - October 2016
Cyber ANPR Regulatory Alert - October 2016
 
SECURITY
SECURITYSECURITY
SECURITY
 
What Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure SectorWhat Financial Institution Cyber Regs Tell the Infrastructure Sector
What Financial Institution Cyber Regs Tell the Infrastructure Sector
 
Maintain data privacy during software development
Maintain data privacy during software developmentMaintain data privacy during software development
Maintain data privacy during software development
 
Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdf
 
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSAImproving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020
 
Department of Homeland Security Guidance
Department of Homeland Security GuidanceDepartment of Homeland Security Guidance
Department of Homeland Security Guidance
 
DHS Guidelines
DHS GuidelinesDHS Guidelines
DHS Guidelines
 
Risk & Advisory Services: Quarterly Risk Advisor March 2017
Risk & Advisory Services: Quarterly Risk Advisor March 2017Risk & Advisory Services: Quarterly Risk Advisor March 2017
Risk & Advisory Services: Quarterly Risk Advisor March 2017
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless world
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
 
New Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law RequirementsNew Ohio Cybersecurity Law Requirements
New Ohio Cybersecurity Law Requirements
 
Module 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfModule 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdf
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
 
A Guide for Businesses.pdf
A Guide for Businesses.pdfA Guide for Businesses.pdf
A Guide for Businesses.pdf
 
G7 fundamental elements_oct_2016
G7 fundamental elements_oct_2016G7 fundamental elements_oct_2016
G7 fundamental elements_oct_2016
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docx
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial Institutions
 

Plus de Brunswick Group

Investor use of digital media 2018
Investor use of digital media 2018Investor use of digital media 2018
Investor use of digital media 2018Brunswick Group
 
The Rise of Prince Mohammed bin Salman
The Rise of Prince Mohammed bin SalmanThe Rise of Prince Mohammed bin Salman
The Rise of Prince Mohammed bin SalmanBrunswick Group
 
OECD's Base Erosion and Profit Shifting Project
OECD's Base Erosion and Profit Shifting ProjectOECD's Base Erosion and Profit Shifting Project
OECD's Base Erosion and Profit Shifting ProjectBrunswick Group
 
European climate on foreign investment
European climate on foreign investment European climate on foreign investment
European climate on foreign investment Brunswick Group
 
Brunswick ISMEA Quarterly Newsletter - May 2017
Brunswick ISMEA Quarterly Newsletter - May 2017 Brunswick ISMEA Quarterly Newsletter - May 2017
Brunswick ISMEA Quarterly Newsletter - May 2017 Brunswick Group
 
Brunswick Group - ISMEA Newsletter - May 2017
Brunswick Group - ISMEA Newsletter - May 2017Brunswick Group - ISMEA Newsletter - May 2017
Brunswick Group - ISMEA Newsletter - May 2017Brunswick Group
 
Brunswick Group is expanding in Germany
Brunswick Group is expanding in Germany Brunswick Group is expanding in Germany
Brunswick Group is expanding in Germany Brunswick Group
 
Brexit in perspective article 50 notification
Brexit in perspective article 50 notificationBrexit in perspective article 50 notification
Brexit in perspective article 50 notificationBrunswick Group
 
Hong Kong 2017 Chief Executive Election
Hong Kong 2017 Chief Executive ElectionHong Kong 2017 Chief Executive Election
Hong Kong 2017 Chief Executive ElectionBrunswick Group
 
China’s Annual Political Gathering 2017
China’s Annual Political Gathering 2017China’s Annual Political Gathering 2017
China’s Annual Political Gathering 2017Brunswick Group
 
Stakeholder management in getting the deal done
Stakeholder management in getting the deal doneStakeholder management in getting the deal done
Stakeholder management in getting the deal doneBrunswick Group
 
India, Singapore, Middle East and Africa – quarterly review
India, Singapore, Middle East and Africa – quarterly reviewIndia, Singapore, Middle East and Africa – quarterly review
India, Singapore, Middle East and Africa – quarterly reviewBrunswick Group
 
How will President Trump impact the GCC?
How will President Trump impact the GCC?How will President Trump impact the GCC?
How will President Trump impact the GCC?Brunswick Group
 
France 2017 elections – The left wing primaries
France 2017 elections – The left wing primariesFrance 2017 elections – The left wing primaries
France 2017 elections – The left wing primariesBrunswick Group
 
Brunswick intelligence - Brexit in perspective
Brunswick intelligence - Brexit in perspectiveBrunswick intelligence - Brexit in perspective
Brunswick intelligence - Brexit in perspectiveBrunswick Group
 
The future of corporate reputation
The future of corporate reputationThe future of corporate reputation
The future of corporate reputationBrunswick Group
 
Perceptions of Chinese businesses going global
Perceptions of Chinese businesses going globalPerceptions of Chinese businesses going global
Perceptions of Chinese businesses going globalBrunswick Group
 
Infographic - Perceptions of Chinese businesses going global
Infographic - Perceptions of Chinese businesses going globalInfographic - Perceptions of Chinese businesses going global
Infographic - Perceptions of Chinese businesses going globalBrunswick Group
 

Plus de Brunswick Group (20)

Investor use of digital media 2018
Investor use of digital media 2018Investor use of digital media 2018
Investor use of digital media 2018
 
The Rise of Prince Mohammed bin Salman
The Rise of Prince Mohammed bin SalmanThe Rise of Prince Mohammed bin Salman
The Rise of Prince Mohammed bin Salman
 
OECD's Base Erosion and Profit Shifting Project
OECD's Base Erosion and Profit Shifting ProjectOECD's Base Erosion and Profit Shifting Project
OECD's Base Erosion and Profit Shifting Project
 
European climate on foreign investment
European climate on foreign investment European climate on foreign investment
European climate on foreign investment
 
Brunswick ISMEA Quarterly Newsletter - May 2017
Brunswick ISMEA Quarterly Newsletter - May 2017 Brunswick ISMEA Quarterly Newsletter - May 2017
Brunswick ISMEA Quarterly Newsletter - May 2017
 
Brunswick Group - ISMEA Newsletter - May 2017
Brunswick Group - ISMEA Newsletter - May 2017Brunswick Group - ISMEA Newsletter - May 2017
Brunswick Group - ISMEA Newsletter - May 2017
 
Brunswick Group is expanding in Germany
Brunswick Group is expanding in Germany Brunswick Group is expanding in Germany
Brunswick Group is expanding in Germany
 
The Mine of the Future
The Mine of the FutureThe Mine of the Future
The Mine of the Future
 
Brexit in perspective article 50 notification
Brexit in perspective article 50 notificationBrexit in perspective article 50 notification
Brexit in perspective article 50 notification
 
Hong Kong 2017 Chief Executive Election
Hong Kong 2017 Chief Executive ElectionHong Kong 2017 Chief Executive Election
Hong Kong 2017 Chief Executive Election
 
China’s Annual Political Gathering 2017
China’s Annual Political Gathering 2017China’s Annual Political Gathering 2017
China’s Annual Political Gathering 2017
 
Getting the Deal Done
Getting the Deal DoneGetting the Deal Done
Getting the Deal Done
 
Stakeholder management in getting the deal done
Stakeholder management in getting the deal doneStakeholder management in getting the deal done
Stakeholder management in getting the deal done
 
India, Singapore, Middle East and Africa – quarterly review
India, Singapore, Middle East and Africa – quarterly reviewIndia, Singapore, Middle East and Africa – quarterly review
India, Singapore, Middle East and Africa – quarterly review
 
How will President Trump impact the GCC?
How will President Trump impact the GCC?How will President Trump impact the GCC?
How will President Trump impact the GCC?
 
France 2017 elections – The left wing primaries
France 2017 elections – The left wing primariesFrance 2017 elections – The left wing primaries
France 2017 elections – The left wing primaries
 
Brunswick intelligence - Brexit in perspective
Brunswick intelligence - Brexit in perspectiveBrunswick intelligence - Brexit in perspective
Brunswick intelligence - Brexit in perspective
 
The future of corporate reputation
The future of corporate reputationThe future of corporate reputation
The future of corporate reputation
 
Perceptions of Chinese businesses going global
Perceptions of Chinese businesses going globalPerceptions of Chinese businesses going global
Perceptions of Chinese businesses going global
 
Infographic - Perceptions of Chinese businesses going global
Infographic - Perceptions of Chinese businesses going globalInfographic - Perceptions of Chinese businesses going global
Infographic - Perceptions of Chinese businesses going global
 

Dernier

Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfAmzadHosen3
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...Any kyc Account
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 

Dernier (20)

Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 

New York DFS proposed cybersecurity regulations

  • 1. © Brunswick | 2016 | Confidential | 1 PublicAffairsAdviceNote September 22, 2016 Subject: Proposed cybersecurity regulations from the NY Department of Financial Services Summary Groundbreaking cybersecurity regulations proposed this month by the New York State Department of Financial Services would impose significant new compliance responsibilities. The proposed regulations raise the bar for communications and public affairs professionals in particular around cybersecurity planning and response. Overview and Background In mid-September, New York Governor Andrew Cuomo proposed far-reaching cyber security regulations applying to the roughly 4,000 banks, insurance companies, or other financial services institutions regulated by the New York State Department of Financial Services. The proposed regulations are the most prescriptive and ambitious among any state or federal agency. Given New York’s leadership in financial services, these regulations set a precedent that will likely influence other jurisdictions. The proposed regulations, which are subject to a public comment period and take effect in January, 2017, could have significant implications for communicators, requiring in many cases a reassessment of cyber risk policies in place within their companies.
  • 2. © Brunswick | 2016 | Confidential | 2 Key Features of the Proposed Rules The proposed regulations far surpass existing federal or state regulations on cybersecurity, and will require a deeper approach and greater integration between legal, communications, and technology planning and strategies. The regulations would require that institutions regulated by the NY DFS establish and maintain a cybersecurity program, which includes, but is not limited to:  Regular identification of external and internal cyber risks and use of defensive infrastructure to reduce risks.  A written cybersecurity policy setting forth protocols for security, monitoring, and incident response reviewed by the company’s board of directors.  Designation of a chief information security officer.  Employment and regular training of cybersecurity personnel and increased cyber awareness for all personnel.  An information security policy for managing third party vendors, including establishing “preferred provisions” for inclusion in vendor contracts.  An incident response plan to respond to and recover from a cybersecurity incident.  Notification of the DFS within 72 hours of a cyber event. For full details, please see the full proposed regulations. Communications and Public Relations Implications © Brunswick 2016 1 New York DFS Proposed Cybersecurity Regulations: What Communicators Need to Think About Do you have an incident response plan that includes internal and external communications? Are you prepared for stringent new reporting requirements for cybersecurity incidents? Do you have effective employee communications programs around cybersecurity? 1 2 3 Is communications planning robust, defining roles and responsibilities throughout the company, and tested in simulations? Do you have a leak strategy, and do you have relevant documents (e.g., holding statements, talking points) in place? Is your cybersecurity awareness program conveyed to employees in a way they will understand?
  • 3. © Brunswick | 2016 | Confidential | 3 Every company holds data, and these proposed regulations create a business and legal case for taking strong measures to mitigate cyber risks—including reputational ones. Companies should take this opportunity to look closely at their communications response plan, employee education and training, and preparation for cyber incident leaks. Even for companies who have each of these elements in place, the proposed regulations may require changes. Communications departments should consider the following in light of the proposed regulations:  The proposed regulations are far more prescriptive around incident response plans, and specifically require that plans include “external and internal communications and information sharing.” Communications plans have always been critical for reputation protection, and are now necessary to comply with NY DFS regulations. All companies subject to the DFS regulations should ensure robust cyber communications plans are in place.  The proposed regulations tighten reporting requirements, requiring notification of the superintendent of the NY DFS no later than 72 hours after a company becomes aware of a cybersecurity incident. Companies should prepare in advance for any public leakage of reports. Preparations should include, but are not limited to: media holding statements, stakeholder mapping to anticipate and plan responses, talking points for various stakeholders, and a leak strategy.  The regulations require that all personnel attend regular cybersecurity awareness training. Companies should ensure that training materials, and employee engagement around cybersecurity, be in accordance with their cultures and effectively communicated to all employees. For further information on communications planning, please contact cybersecurityUS@brunswickgroup.com.