The New York Department of Financial Services (NYDFS)
The Cybersecurity (NYDFS 23 NYCRR §500) Playbook addresses the following areas:
- Cybersecurity Program
- Cybersecurity Policy
- Chief Information Security Officer
- Penetration Testing and Vulnerability Assessments
- Audit Trail
- Access Privileges
- Application Security
- Risk Assessment
- Cybersecurity Personnel and Intelligence
- Third Party Service Provider Security Policy
- Multi-Factor Authentication
- Limitations on Data Retention
- Training and Monitoring
- Encryption of Nonpublic Information
- Incident Response Plan
- Notification of Cybersecurity Event(s), and
- Confidentiality
.png?width=81&height=37&name=Back%20(Small2).png){kind=small}