The New York Department of Financial Institutions today recognized the Cyber Risk Institute’s Financial Services Cybersecurity Profile as an assessment tool that meets state cybersecurity regulations for banks and financial firms.
In an update of frequently asked questions on cybersecurity, DFS said the profile met Sections 500.9 and 500.2(b) for banks and financial firms subject to the state’s cybersecurity risk management requirement.
The assessment created by CRI—a coalition of financial institutions and trade associations including ABA—is intended to help financial institutions reduce the overall time spent on cyber risk compliance. The tool is based on global regulations and cyber standards, such as ISO and NIST.
CRI is scheduled to release an updated profile and comprehensive workbook before the end of the year.