Cyber-security policies are the newest area to fall into the lap of the compliance professional. Fortunately, the state of New York’s Department of Financial Services (DFS) has issued the first state level regulations on cyber-security for financial institutions. They became effective March 1, 2017, and while they are designed to protect financial services industries and consumers, they have application to and provide guidance for, a wider variety of non-financial service companies and commercial enterprises. It mandates your overall cyber-security policy should be designed to meet the goals to prevent, detect, and remediate a cyber-security event.
