Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

NY DFS Updates Third Party Cyber Rules

October 23, 2025
Reading Time: 2 mins read
in News
NY DFS Updates Third Party Cyber Rules

New York State Department of Financial Services ($\text{DFS}$) Acting Superintendent Kaitlin Asrow today released new cybersecurity guidance, specifically targeting the heightened risks associated with $\text{DFS}$-regulated entities’ increasing reliance on third-party service providers ($\text{TPSPs}$).

This issuance, timed to coincide with Cybersecurity Awareness Month, is a continuation of the Department’s significant efforts to shield both New Yorkers and the entities it regulates from cyber threats, leveraging its widely recognized and influential cybersecurity regulation. The guidance reinforces the $\text{DFS}$’s proactive stance on digital security in the financial sector.

Acting Superintendent Kaitlin Asrow emphasized that while third-party service providers are instrumental in fostering innovation and driving substantial efficiencies within the financial system, the underlying responsibility for consumer protection and risk management remains squarely with the regulated entities. Her statement makes it clear that accountability cannot be outsourced.

This perspective underscores the need for $\text{DFS}$-regulated firms to maintain rigorous oversight of their external partners to ensure the integrity of the financial system.To safeguard the secure operation of financial services and ensure the protection of nonpublic information, the Acting Superintendent asserts that entities must establish and rigorously maintain appropriate internal risk management controls when engaging with $\text{TPSPs}$. This is a critical component of the guidance, stressing that effective risk management is an ongoing obligation.

It ensures that the convenience and benefits of using third-party services do not come at the cost of diminished security for sensitive data.It is important to note that this new guidance does not introduce any new requirements or legal obligations for $\text{DFS}$-regulated entities. Instead, its primary function is to provide clarity on the existing regulatory requirements already set forth in the $\text{DFS}$’s seminal cybersecurity regulation. This makes the guidance a helpful interpretive tool for compliance officers and risk managers.

Ultimately, the guidance is designed to clarify the regulatory landscape and disseminate best practices that entities should seriously consider implementing to enhance their security posture. By clarifying expectations and sharing effective strategies, the $\text{DFS}$ aims to help regulated entities strengthen protections for New Yorkers, ensuring a more resilient and secure financial environment overall.

Reference:

  • NY DFS Issues Cybersecurity Guidance To Manage Risks From Third Party Service Providers
Tags: Cyber NewsCyber News 2025Cyber threatsOctober 2025
ADVERTISEMENT

Related Posts

NY DFS Updates Third Party Cyber Rules

Keycard Raises 38 Million Funding

October 23, 2025
NY DFS Updates Third Party Cyber Rules

Jaguar Land Rover Cyberattack Hits UK

October 23, 2025
Hackers Make 520K At Pwn2Own

Hackers Make 520K At Pwn2Own

October 22, 2025
Hackers Make 520K At Pwn2Own

Monolock Ransomware Sold Online

October 22, 2025
Hackers Make 520K At Pwn2Own

Meta Launches New Anti Scam Tools

October 22, 2025
Lumma Stealer Activity Declines

South Korea Targets Online Scam Suspects

October 21, 2025

Latest Alerts

Gift Card Heist Via Cloud Hackers

MuddyWater Launches Global Spying

Fake Zoom Calls Target Ukraine Aid

Copilot Flaw Exposes Sensitive Data

PolarEdge Expands Router Botnet

Google Finds New Russian Malware

Subscribe to our newsletter

    Latest Incidents

    Ransomware Hits Jewett Cameron

    Salt Typhoon Hacks European Telecom

    JFL Loses 800K Weekly After Hack

    Union Cyberattack Raises Concerns

    Romanian Prisoner Hacks Prison IT

    Hackers Claim Data On NSA Officials

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial