Get Started with a One-to-One Personalized Demo
Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.
See IncMan SOAR in Action.
Faced with the growing threat of cyber attacks and the challenges involved in recovering from various cyber security events, New York state’s authorities have rolled out new cyber security regulations that apply to financial institutions operating within the state. New York’s Department of Financial Services (DFS) has issued the final Cybersecurity Requirements for Financial Services Companies, affecting “Covered Entities”, defined as “any Person operating under or required to operate under a license, registration, charter, certificate, permit, accreditation, or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law”, establishing a set of standards that have to do with reporting cyber security breaches to regulators, in addition to implementing specific cyber security policies.
The new regulation aims to protect New York’s banks and insurance providers against cyber attacks, along with protecting sensitive consumer data. To that end, the rules - that went into effect on March 1 - prescribe a wide-ranging set of requirements for financial services companies in terms of specific steps they are supposed to take to be better prepared for cyber security incidents and how and when they must notify authorities of cyber attacks on their computer systems and networks.
According to the regulations, financial services companies are required to create a cyber security program that is expected to protect their information systems against cyber attacks. A covered entity’s cyber security program should be focused on identifying internal and external cyber security risks, detecting cyber security events, responding to detected cyber security events, recovering from cyber security events, and complying with reporting obligations.
As far as cyber security policies are concerned, covered entities are required to implement them in order to be able to address systems and network security, information security, data governance, customer data privacy, risk assessment, and incident response, among other aspects of cyber security.
When it comes to incident response plans, the new rules state that reporting cyber security incidents to regulators must be a paramount part of those plans. Regulated entities are required to confirm they gathered documentation regarding cyber security events and report them to various government and supervisory bodies, as part of their previously devised incident response plans.
Compiling documentation in reference to cyber security events, creating appropriate reports, and notifying authorities can be a tedious task for any organisation’s CSIRT. Companies can face tough consequences if they don’t complete the documentation in a timely and proper manner. Companies often require the solution of a cyber incident response platform that can generate reports on cyber security incidents automatically and in various formats, and is also capable of tracking and collecting evidence, helping their cyber security teams compile the required documentation faster and effortlessly.
These types of platforms also can also help companies’ CSIRTs predict and detect cyber security breaches and respond as fast as possible, which is one of the main capabilities the new cyber security regulations require from covered entities.
John Moran / 23 Oct 2018
Security teams often rely on threat intelligence during both the triage and investigation stages of an event. Learn more about using threat intelligence effectively in security automation and orchestration utilizing Cisco's security suite with DFLabs.
Mike Fowler / 5 Jul 2018
Julie Tillyard / 20 Jun 2018
Julie Tillyard / 4 Apr 2018
CISOs face a wide spectrum of challenges in 2018. Security orchestration, automation and response platforms can help them tackle those challenges.
Dario Forte / 9 Aug 2017
See IncMan SOAR in Action.