December 18, 2015
2016 New York state cybersecurity requirements for banks, expected to be applied country-wide, include multi-factor auth, regular audits and pentests, and exacting third-party vendor cybersecurity scrutiny.
New York state regulators are prepping to release new cybersecurity guidelines for banks that are expected to set a status quo for state-level and federal banking regulators.
The guidelines coming from the New York State Department of Financial Services cover required policies for vendor management, breach notification, implementing multi-factor authentication for customers, employees and service providers, and third-party security management policies.
This news will be a breath of fresh air for well-founded fears that banks have fallen behind in cybersecurity, although the new guidelines are expected for release in early 2016 and so far no deadline for complying with the guidelines has been revealed.