The New York State Department of Financial Services (NYDFS) has expanded its information technology examination procedures to focus more attention on cyber security. NYDFS intends to schedule IT/cyber security examinations after conducting comprehensive risk assessments. In a letter dated March 26, 2015, Superintendent Benjamin Lawsky (available here) asks insurers to submit a report no later than April 27, 2015, describing in detail the insurers information security policies and procedures. In the letter, NYDFS also encouraged all institutions to view cyber security as an integral aspect of their overall risk management strategy, rather than solely as a subset of information technology.
Sign up for our newsletter and get the latest to your inbox.