February 13, 2017
Webinar - Webinar Explains NY State Cybersecurity Rules
By Paula Bernier, Executive Editor, TMC
Changes in government rules and regulations can be tough to navigate. It takes time, effort, and expertise to figure out what exactly is required. Then you have to be sure to put the people, processes, and systems in place to ensure compliance. And you need to do all that while hitting the necessary deadlines.
Recently the state of New York established new cybersecurity regulations with which financial services companies must comply by this spring. Those laws, developed by the New York State Department of Financial Services, aim to protect customer information and the IT systems of regulated entities, require organizations to create programs to assess and address their cybersecurity risks, and ask the businesses to prove compliance on an annual basis, among other things.
David Kim, principal consultant of ePlus Technology Inc., recently presented a webinar reviewing these rules and the thinking behind them. He also explained what they mean for New York financial services firms.
Kim is an expert on compliance laws and requirements for information security and privacy. During his 30-year career, Kim has served as virtual chief information officer for organizations without a CISO that need network security leadership and guidance.
He is also certified by the Payment Card Industry Council as a Qualified Security Assessor. And he has extensive knowledge of GLBA, FFIEC, SOX, HIPAA, and other industry security standards.
During the webinar, Kim guides listeners through the five ways ePlus can help businesses address cybersecurity requirements. That includes by providing a virtual CISO, which is a C-level security expert that a company can hire on a limited, outsourced, and on-demand basis.
It also can perform New York State DFS Cybersecurity gap analysis. It can develop a gap remediation plan and budget for organizations. It can do gap remediation to meet DFS deadlines and achieve DFS compliance.
And it can write and submit a company’s certification on compliance report. These reports are due Feb. 15 of 2018.
This webinar is now available on demand. To look and listen to it, click here.