Swiss Army Knife

 

Education Level: Intermediate

4311 - Complying with New York's Cybersecurity Regulation for Financial Services Companies

Monday, September 25
4:30 PM - 5:30 PM

Whether directly impacted or not, it's good to understand the requirements for New York's Cybersecurity Regulation, given it is the first of its kind in the nation to focus primarily on consumer protection.

  • Controls relating to the governance framework for a robust cybersecurity program including requirements for a program that is adequately funded and staffed, overseen by qualified management, and reported on periodically to the most senior governing body of the organization.
  • Risk-based minimum standards for technology systems including access controls, data protection including encryption, and penetration testing.
  • Required minimum standards to help address any cyber breaches including an incident response plan, preservation of data to respond to such breaches, and notice to DFS of material events.
  • Accountability by requiring identification and documentation of material deficiencies, remediation plans and annual certifications of regulatory compliance to DFS.

    Learn during this session what parts can be incorporated from existing programs and what additional requirements are needed.

    Learning Objectives:

    Harvey Nusz

    Business Information Security Officer
    Insurance Industry

    Harvey Nusz, CISSP, CIPM, CISA, CRISC, CGEIT, is the BISO for JLT Holdings, an insurance broker based in London. Harvey is in their Houston office, and heads up the effort to comply with GDPR and the NYS DFS Cybersecurity Regulation, as well as other regulations and industry standards.

    Harvey spoke on GDPR at the 2016 Security Congress and wrote a series on the legislation for the (ISC)² membership magazine. Additionally, he's participated in two webinar panel discussions and presented at this year's Kuppinger Cole’s European Identity and Cloud Conference in Munichand at Ping’s Cloud Identity Summit in Chicago.

    Presentation(s):

    Send Email for Harvey Nusz


    Assets

    4311 - Complying with New York's Cybersecurity Regulation for Financial Services Companies



    Attendees who have favorited this

    Please enter your access key

    The asset you are trying to access is locked. Please enter your access key to unlock.

    Send Email for Complying with New York's Cybersecurity Regulation for Financial Services Companies