Articles by tag "dfs"
The current cybersecurity laws and regulations landscape is complex and burdensome. Public cloud providers are trying to help automate and offload the weight of program implementation but there is still a long way to go.
New York State DFS introduced its 23 NYCRR 500 regulation that requires implementation of cybersecurity requirements for all covered entities.
Digital Edge’s team, backed by our legal, cybersecurity and heavy AWS expertise has analyzed DFS requirements and possible AWS implementation automation suggestions.
Download the DFS 500 PDF with highlights and comments that include the joint work of our team.
What Cyber Laws Apply to Me?
It is becoming ever so clear that compliance isn't an easy task handled by the IT department, but that it's a team effort from all the departments. This makes it more difficult in regards to what's applicable so our VP of Compliance has broken down all the laws into simpler terms to be able to distinguish which law you must abide!
Digital Edge Cybersecurity Compliance Team wants to remind you that all DFS Regulated Financial Services Companies are required to comply with the Regulation’s Governance Policies and Procedures, as well as Risk Based Monitoring Systems Requirements and Encryption Programs for Nonpublic Information by September 4, 2018.
Beginning on September 4, 2018, banks, insurance companies, and other financial services institutions regulated by DFS are required to have come into compliance with several additional provisions of the cybersecurity regulation that are vital to the governance and components of a robust financial services cybersecurity program.
For more information on this regulation deadline, please read more here!
As cybersecurity incidents continue to increase in frequency and severity, public companies and financial institutions should expect and prepare for increased regulatory scrutiny in the months ahead.
Digital Edge is an expert in ISO standards, and is certified by the International Standard Organization on Information Security and Quality (ISO 27001). There is a clear crosswalk between DFS law and ISO standards. Digital Edge will help to implement policies, standards and practices to cover all DFS requirements based on International Standards Organization framework.
Contact us today to further explore how our team can provide your business with an unparalleled cybersecurity solution, with our continued focus on Stability, Security, Efficiency and Compliance.
REMINDER: 4 DAYS Left to File Your NYS DFS Exemption
Let the Digital Edge Cybersecurity Team keep your business in compliance!
The Digital Edge Cybersecurity Team would like to remind you that exemption filing for the New York State Department of Financial Services’ (DFS) 500 Mandatory Cybersecurity is due on August 28, 2017.
Filing for this limited exemption only needs to be filed one time. In the future, if your organization no longer qualifies for the limited exemption as of your most recent fiscal year you would then have 180 days to comply with all applicable requirements of the regulation.
Let the Digital Edge Cyber Security Team ease the burden of implementing the NYDFS Cybersecurity Regulations that are still required under your exemption. Contact our Sales Team for your free assessment and align yourself with compliance today!
On July 31, 2017, the Department of Financial Services (DFS) has launched a new online portal to securely transmit in real time all notifications required under New York’s first-in-the-nation cybersecurity regulation. If you need assistance with registration or with any or all components of this cybersecurity framework, the Digital Edge team is available to meet your compliance needs!
“With DFS’s leading cybersecurity regulation, the DFS cyber portal will allow New York’s financial institutions to quickly, easily, and securely report cybersecurity events and file required certifications of compliance, ensuring that the necessary safeguards are in place to protect New York consumers and financial institutions as the threat of cyber-attacks continues to increase.” - Superintendent Maria Vullo, Department of Financial Services
Filings made through the DFS Web Portal are preferred to alternative filing mechanisms as the DFS Web Portal provides a paperless reporting tool to facilitate compliance with the DFS cybersecurity regulation. Learn more about the New only DFS Cybersecurity Reporting Portal here.
Let the Digital Edge Cyber Security Team ease the burden of implementing the robust NYDFS Cybersecurity Regulation. Contact our Sales Team for your free assessment and align yourself with DFS compliance today
It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.
The law will produce large penalties if your company is found not in compliance and Digital Edge’s Solution is here to help avoid those hefty fines.
To Do List:
- Determine if you are regulated; to see how please click here.
- Determine if you are eligible for any of the 5 possible exemptions; to review the exceptions click here.
- If you are eligible for exemption, you must file the Cyber Security Notice of Exception by September 27, 2017.
- Depending on your exemption category, you may still need to build a cyber security system. Click here to see how Digital Edge can help you.
- By August 28, 2017, covered entities must be in compliance.
- February 15, 2018, covered entities must submit first Certification of Compliance.
On March 1, 2017, the New York State Department of Financial Services’ (DFS) mandatory cybersecurity requirements for financial services entities became effective, with implementation to occur within 180 days (August 28, 2017). Let the Digital Edge Cybersecurity Team keep your business in compliance!
At a high level, the regulation requires that all covered entities:
- Conduct a documented risk assessment
- Establish a risk-based cybersecurity program
- Adopt a written cybersecurity policy
- Designate a qualified CISO
- Implement written third-party cyber risk policies
- Establish a written incident response plan
- Notify the superintendent of DFS of any cybersecurity events
- Submit an annual certification of compliance
It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs. To learn more about this mandatory compliance regulations, please read our most recent whitepaper entitled “DFS Compliance – Mandatory Cybersecurity Regulations”
Digital Edge DFS Cybersecurity Solution
The Digital Edge Cybersecurity Team is well-versed in the DFS regulation. We are ready to help companies mitigate risk and ensure compliance with all aspects of the DFS regulation! Contact us today to further explore how our team can provide your business with an unparalleled cybersecurity solution, with our continued focus on Stability, Security, Efficiency and Compliance.