The NY DFS cybersecurity regulation calls upon New York’s financial services industries to establish and maintain a cyber security program that will protect both customers’ private data and the technology that supports this – within a 180-day time line.

Consequently, business executives at financial services institutions are asking:

  • Does our information security program align to the DFS regulation?
  • Can we review our systems, identify where changes need to be made and implement the required modifications within the 180-day deadline date?
  • Do we have an effective incident response plan in place?

How the ISF can help you:

We have created a mapping between the NY DFS regulation and the ISF’s research, tools and methodologies. The mapping aids NY DFS compliance by showing which elements of the ISF’s comprehensive library of good practice can be deployed to satisfy each of the NY DFS requirements. This comprises of:

  • A business-driven approach for identifying information risk in a manner that reflects risk appetite and recognizes compliance requirements (such as the NY DFS regulation), using Information Risk Assessment Methodology 2 (IRAM2)
  • Detailed guidance on specific controls that can be applied to mitigate information risk and enhance cyber resilience (including those specifically referenced by the NY DFS regulation, such as enhanced Access Control), captured in one place – The Standard of Good Practice for Information Security (the Standard)
  • Topic-specific ‘deeper dive’ material that provides further implementation guidance in areas of particular importance to cyber security, such as threat intelligence and application security.

ISF Consultancy Services:

We recognise that many organizations lack the time, resource or in-house expertise to deliver this business essential project. Our Consultants provide independent and objective guidance and can assist you with the on-site implementation of ISF deliverables in a way that is both pragmatic and cost-efficient.

NY DFS & Consultancy Services Executive Summaries & Press Release

Compliance with the New York Department of Financial Services (DFS) Cybersecurity Regulation

Please fill out the form below to download a complimentary NY DFS & Consultancy Services Executive Summaries & Press Release.

Please provide your details to download this document:

The Information Security Forum (ISF) is a data controller for the personal data collected on this website.

For information on how we collect and use your personal data, please read our Privacy Notice.

Please read and agree with our Terms Of Use.

From time to time, the ISF would like to contact you regarding our latest products, services and events.

By ticking the relevant boxes below, please indicate your preferences on how you want to be contacted:

You can update your preferences at any time, or withdraw consent after submission by going to the ‘Already Registered’ tab.

Please enter the email address you previously registered with to access the download:

You have previously downloaded from our website. For more information on how we use your personal information, please see our Privacy Notice.

Please refamiliarise yourself with our Terms Of Use.

To update your preferences on how you would like to be contacted by the ISF, please indicate below:

To unsubscribe from all ISF communications. Click here: