Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 10-day trial to continue exploring with full access.

The intersection of cyber-security with the compliance professional

Tom Fox | February 11, 2018

Cyber-security policies are the newest area to fall into the lap of the compliance professional. Fortunately, the state of New York’s Department of Financial Services (DFS) has issued the first state level regulations on cyber-security for financial institutions. They became effective March 1, 2017, and while they are designed to protect financial services industries and consumers, they have application to and provide guidance for, a wider variety of non-financial service companies and commercial enterprises. It mandates your overall cyber-security policy should be designed to meet the goals to prevent, detect, and remediate a cyber-security event.

While the regulation is obviously geared toward financial services firms, there were several points that any non-financial services compliance practitioner should consider. The overall cyber-security program should be designed to meet the three goals of any best practices compliance program: (a) preventing any cyber-security... To get the full story, subscribe now.