Now that the NYDFS Cybersecurity Requirements for Financial Services Companies have been finalized, many financial organizations face a significant number of risk compliance challenges, including the responsibility of appointing a chief information security officer (CISO).
The Cybersecurity Requirements stipulate that organizations should conduct a risk assessment to form the basis of their cybersecurity program. Doing so will enable them to formulate an informed plan to protect nonpublic information or information systems from unauthorized access by implementing appropriate measures and introducing regular cybersecurity awareness training for all personnel. Continuous monitoring or annual penetration testing and biannual vulnerability assessments are also compulsory. The appointed CISO is responsible for overseeing and implementing the cybersecurity program, and enforcing its policy.
To help financial service providers understand their compliance requirements, IT Governance will deliver a live webinar session on March 23, 2017.
Time: 10:15 – 11:00 am (PST) / 1:15 – 2:00 pm (EST)
This webinar will give an overview of the CISO’s role and how to successfully set up and maintain a risk management program that aligns with the Regulation. We will cover the following topics:
- The responsibility to appoint a CISO
- Implementing an application security program (internal and external) and CISO review
- Overview of the risk assessment policy and procedures
- Setting up a program specific to your organization’s information systems and business operations
Want to learn how implementing the international standard ISO 27001 will help you meet the NYDFS Cybersecurity Requirements? Download our free green paper: NYDFS Cybersecurity Requirements – Part 1: The Regulation and the ISO 27001 standard.