New cybersecurity rules demand ongoing training for cybersecurity professionals in NY

Wednesday 22 February 2017 09:29 CET | News

The State of New York has introduced new cybersecurity regulations for the financial services industry.

The Department of Financial Services (DFS) rules (23 NYCRR 500) go into effect on March 1, 2017. Though similar to previous cybersecurity regulations, some sections stress the need for ongoing training for cybersecurity professionals.

For example, the Cybersecurity Personnel and Intelligence section mentions that involved entities shall utilize qualified cybersecurity personnel, provide cybersecurity personnel with cybersecurity updates and training sufficient to address relevant cybersecurity risks; and verify that key cybersecurity personnel take steps to maintain current knowledge of changing cybersecurity threats and countermeasures.

Given the pervasive nature of the cybersecurity skills shortage, financial services organizations operating in New York State may struggle to meet these obvious and basic cybersecurity requirements, according to Network World. Still, they can get around these requirements by transferring risk to “an Affiliate or qualified Third Party Provider.” 

Commenting on this regulation, David Vergara, VASCO Data Security said: “In recent time, the regulatory pendulum has begun to swing in favour of a “lighter” approach for banks, financial services and for other industries too, for that matter. It’s good to see, however, that good sense regulations like this one have survived to offer additional consumer protection via thorough evaluations of third party vendors, comprehensive risk assessments and advocacy for stronger multi-factor authentication.”

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: cybersecurity, training, fraud prevention, New York, US, regulation, David Vergara, VASCO Data Security
Categories: Securing Transactions | Digital Identity, Security & Online Fraud
Countries: World
This article is part of category

Securing Transactions