The state of New York has put in place new regulations for financial companies that will require them to create and maintain cybersecurity programs set to specific standards. These regulations will go into effect on March 1st for insurance companies, banks, and other financial service institutions. Some of the requirements of these new regulations will be for these companies to inspect the security of third party vendors and maintain a program that is well funded and staffed, supervised by qualified management, and reported on periodically to upper management. Other stipulations include implementing an incident response plan, setting minimum standards for technology systems, access controls, encryption, and the perversion of data. These new regulations are a huge step in the right direction for addressing the risk of cyberattacks and putting measures in place for preventing them. Other states around the country should adopt new regulations, just like New York, to update any cybersecurity regulations they may have in place to keep up with the growing threat of cyberattacks.
Source Article: eSecurity Planet