New York Brings Down the Cyber-Hammer on Financial Services Providers
If you're a financial services provider or company who does business in New York, your cybersecurity program is about to come under major scrutiny from the state government.
Effective March 1st of 2017, banks and insurers will need to comply with a sweeping state cybersecurity bill including laws around Identity & Access Management:
- Reviewing and assessing User Access Privileges
- Evaluating Application Security procedures and guidelines
- Performing a Risk Assessment
- Establishing an Incident Response Plan
- Establishing a cybersecurity team
Identropy has been working with financial service providers over the past few years on these initiatives, and we’ve seen over and over again that organizations are often unaware of how much refinement is needed until comprehensive analysis is done of their current program.
It's Time for Analysis
Many organizations have been putting off this analysis for years. But that’s not possible anymore with New York, one of the two biggest markets in North America for financial service providers, instituting regulations that could potentially keep a business from operating in the state.
You don’t want to be one of the organizations staring this compliance deadline down without a plan. Identropy is actively helping organizations prepare and meet these regulations and we’d be more than happy to discuss your program with you.
Are You Prepared?
Even more significantly, these rules are said to be "the first rules of their kind in the United States by any state or federal agency" according to this source.
New York often creates the standard for state regulations around industries in America and has set its sights on creating a model law for cybersecurity programs in financial service organizations, and other states are likely to follow suit with the bar they set.
So like they say, if you can comply the stringent Cyber-Security regulations in New York, you can make it anywhere.