New York’s financial regulator is urging financial services firms to boost their cybersecurity defenses. The Department of Financial Services (DFS) released a new set of guidelines to help organizations prepare for various cyber threats.
The DFS emphasizes that a “heightened threat environment” refers to times when cybersecurity risks are particularly high. These risks can potentially disrupt information systems or compromise sensitive data.
This new guidance doesn’t create additional legal obligations but outlines best practices for firms to adopt, especially if they aren’t already following New York’s existing extensive cybersecurity regulations.
Acting Superintendent Kaitlin Asrow stated, “This guidance provides our regulated entities actionable steps to take when the threat environment elevates.” Each organization is encouraged to review its unique situation and decide on appropriate measures.
The DFS suggests several key practices for financial institutions:
- Disable any inactive ports and protocols.
- Limit multi-factor authentication changes to secure processes vetted by IT.
- Educate all staff on how to prevent and respond to cyber threats.
- Communicate with third-party vendors to ensure they are aware of potential cyber risks.
- Keep a close eye on all financial transactions, especially involving virtual currencies.
Geopolitical events often heighten these risks. The current environment is uncertain, making businesses more vulnerable to cyberattacks. According to Aon’s 2025 Global Risk Management Survey, geopolitical volatility ranks as a top business risk, with cyber threats remaining a primary concern.
There’s growing anxiety over the capabilities of AI tools that hackers could exploit. Recent discussions among U.S. cybersecurity officials include tightening deadlines for addressing critical vulnerabilities in government systems. This shift reflects fears that enhanced AI technology, such as Anthropic’s Mythos, could be used maliciously.
In Europe, regulators are also taking steps. Financial authorities are reviewing how firms are fortifying their cybersecurity in light of these increasing threats linked to evolving AI technologies.
Since last fall, the DFS has warned financial firms about the risks associated with third-party service providers. Reliance on these external tools—like cloud services and fintech solutions—will likely heighten exposure to cybersecurity threats, according to their recent guidance on managing these risks.
In total, the DFS oversees over 3,900 banking and financial institutions that collectively manage more than $5.7 trillion in assets. So, ensuring robust cybersecurity is not just an option; it’s a necessity. For more on this guidance, visit the DFS website.
In today’s digital age, staying informed about cybersecurity threats is vital for businesses and individuals alike—an ongoing commitment to safety is more important than ever.
Source link
insurance cyber attack,New York cybersecurity regulations,New York Department of Financial Services (DFS) Superintendent Benjamin Lawsky
