Citing the growth in cyber-attacks against financial institutions of all levels, the New York State Department of Financial Services (“DFS”) announced Tuesday that it will begin examining institution’s for cybersecurity preparedness.
In 2013 DFS initiated a study to determine how well institutions information security frameworks were addressing the need for enhanced cyber security protections. The study focused on:” corporate governance around cyber security; use and frequency of penetration testing and results; budget and costs associated with cyber security; the frequency, nature, cost of, and response to cyber security breaches; and future plans on Shared Assessments Summit (scheduled for May 19-21) will focus on how to develop and maintain a strong and effective third party risk management program that satisfies all of the new regulatory requirements.
That all financial institutions need to scrutinize their vendors’ cyber security efforts is a given. What is yet to be seen is whether other states will follow New York’s lead and add cyber security to their examinations as well. If they do, institutions in those states can count on Shared Assessments to help them address these concerns.
Santa Fe Group Consultant and Shared Assessments Program Director, Brad Keller, has more than 25 years of experience developing and leading risk management and third-party risk assessment programs. Brad is responsible for the development of the Shared Assessments Program’s Tools and key partnerships. Follow Brad on Twitter at @sfgbrad or on LinkedIn.