New York’s top financial regulator is warning companies to tighten cybersecurity controls when working with third-party service providers.
Acting Superintendent Kaitlin Asrow of the Department of Financial Services issued the guidance on October 21 as part of Cybersecurity Awareness Month. The update urges DFS-regulated companies to strengthen internal risk management when outsourcing services.
“Third parties help drive innovation, but companies are still responsible for protecting consumers,” Asrow said. “Strong oversight is critical to safeguard nonpublic information and ensure secure operations.”
The guidance doesn’t add new rules but clarifies existing requirements and shares best practices for managing cybersecurity risks tied to vendors.
Full details and additional resources are available on the DFS Cybersecurity Resource Center.
FingerLakes1.com is the region’s leading all-digital news publication. The company was founded in 1998 and has been keeping residents informed for more than two decades. Have a lead? Send it to [email protected].