Yesterday, an industry guidance letter was issued to all New York State Department of Financial Services (DFS)-regulated banks from the Superintendent of Financial Services. The letter provides guidance on how they will be examined in terms of their cyber security, and risk management.
The banks will be examined on protocols for the detection of cyber breaches, penetration testing, corporate governance related to cyber security, and their defenses against breaches. This includes multi-factor authentication, the security of third-party vendors, and a number of other areas pertaining to risk mitigation.
Financial data is a primary target for organized crime, hacktivists, and foreign governments. Financial services organizations attract much more unwanted attention than organizations in other industries. It is a good sign to see the New York State DFS taking a lead in setting best industry practices for cyber security. Nettitude has recently been CBEST accredited, with the strongest credentials and experience in helping the financial services sector overcome penetration testing and incident response needs. We welcome any inquiries on how we might help your organization become more secure!