New cyber security developments, including network intrusions, legal and state regulations, and growing exposure to legal liability for data breaches, indicate that risk assessment is more crucial than ever before for global financial firms and companies. Director Timothy C. Stone and former Director N. David Neeman explore the evolution of cyber security compliance in their Corporate Counsel article, “A Stitch in Time Saves Nine: Sustainable Compliance in Cyberspace.”
Until recently, cybersecurity compliance was generally unregulated. In March 2017, however, New York’s Department of Financial Services (“DFS”) released cybersecurity requirements stating that financial services companies must:
- Designate a Chief Information Security Officer who is responsible for overseeing and enforcing cybersecurity regulations;
- Create a cybersecurity program that involves monitoring, testing, and risk assessment; and
- Implement written policies addressing fourteen different areas like information security, data governance and classification, and more.
Federal bank regulators, including the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation, have followed suit and issued new rules as well. The legal and regulatory rules indicate that companies must be proactive in building a sustainable, technology-enabled compliance program that addresses relevant challenges, thus making risk assessment critical as “the foundation for remediating any gaps.”