About BWise


What You Need to Know about New York’s Proposed New Cybersecurity Regulation

October 3, 2016 by
Filed under: Information Security

New York’s Department of Financial Services has proposed a new cybersecurity regulation for financial service organizations that do business in New York. The impetus of the regulation is a direct result of the proliferation of cybersecurity breaches and the potential for significant financial loss and misappropriation of consumer data.

The regulation sets expectations for minimum practices, including a set of policies and procedures for the protection of information systems and data. Some of the topics that must be addressed, and approved at least on an annual basis by a senior officer, include:

  • Access controls and identity management
  • Business continuity and disaster recover planning and resources
  • Physical security and environmental controls
  • Vendor and third party service provider management
  • Risk assessment
  • Incident response to cybersecurity events

Additionally, each entity must appoint a Chief Information Security Officer (CISO), who is responsible for overseeing, implementing, and governing the cybersecurity program. The CISO will be required to develop and present a report to the board of directors, or equivalent governing body, at least annually. The report should assess the confidentiality, integrity and availability of the firm’s information systems; detail exceptions to the cyber-security policies and procedures; identify cyber risks; assess the effectiveness of the cyber-security program; propose steps to remediate any identified inadequacies; and include a summary of all material cyber-security events during the report’s time period.

BWise’s Governance, Risk, and Compliance Software Solutions for Cybersecurity

Nasdaq BWise understands the need for flexible software that can adapt as risk and employees change, regulations mature, and as technology, products, and services advance. BWise solutions offer financial service companies risk management solutions to manage cyber threats, support compliance practices, and enable the embedding and sustainability of information security processes.

For more information about how Nasdaq BWise software solutions can help protect against cyber threats, please visit www.bwise.com/vr-experience.

Tags: Cyber Security, Cyber Risk

More Information

What is GRC?

Read the definition of Governance, Risk and Compliance

Gartner ORM report

Nasdaq's BWise has been positioned as a Leader in Gartner's Magic Quadrant for Operational Risk Management Report, 2015. 

Forrester report

Forrester positioned Nasdaq BWise as a Leader in New Report, The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016.

Why BWise

Download the brochure: Three Key Reasons why Hundreds of Customers Rely on Nasdaq BWise.

Scroll up