From: JDSupra Business Advisor
by Robert Schmidlin | Carlton Fields Jorden Burt
The New York State Department of Financial Services (NYDFS) has released a report entitled “Update on Cyber Security in the Banking Sector: Third Party Service Providers.” The report details the findings of an October, 2014 survey of 40 banking organizations regulated by the department, and identified potential cyber security vulnerabilities with banks’ third-party vendors. Banks rely on third-party vendors for a broad range of services and often have access to a financial institution’s information technology systems, providing a potential point of entry for hackers to obtain sensitive customer data. Among the report’s findings, the department found that 1 in 3 surveyed banks did not require third-party vendors to notify them of cyber security breaches.
As a result of the report’s findings, NYDFS is now considering new regulations for financial institutions, establishing cyber security standards applicable to their relationships with third-party service providers, including potential measures related to the representations and warranties banks receive about the cyber security protections those providers have in place. These regulations could have a significant compliance impact on third-party service providers, including the title insurance industry.
Leave a Reply