3rd Party Risk Management , Standards, Regulations & Compliance

NY Cybersecurity Reg Compliance: Focus on Vendor Risk

Attorney Ted Augustinos on New Guidelines for Third-Party Risk Management Tom Field (SecurityEditor) • December 6, 2018    
Ted Augustinos, partner, Locke Lord LLP

As of March 1, 2019, covered entities will be required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements? Attorney Ted Augustinos, a partner at Locke Lord LLP, outlines the new compliance landscape.

See Also: How to Reduce Compliance and Risk Workload to Increase Cybersecurity Revenue for Managed Security Service Providers (MSSPs)

In a video interview at Information Security Media Group's recent Legal & Compliance Summit in New York, Augustinos discusses:

  • Compliance with the New York regulation;
  • Specific guidelines for vendor risk management;
  • Emerging legislation beyond New York that deals with third-party risks.

Augustinos is a partner at Locke Lord LLP, an international law firm with practices in the U,S., U.K. and Asia. He serves as a member of the steering committee of the firm's privacy and cybersecurity group and leads the group's incident response team and its NY DFS cybersecurity initiative. Augustinos is also managing partner of the firm's Hartford office. He has counselled clients in numerous industries, including financial services, healthcare, insurance, defense, retail, public utilities, professional services and education.

Previous
GDPR Compliance: The Role of Vendor Risk Management
Next
A CISO's View on Analytics in Healthcare Security

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.



Around the Network

Critical Considerations for Generative AI Use in Healthcare
Critical Considerations for Generative AI Use in Healthcare
Why Connected Devices Are Such a Risk to Outpatient Care
Why Connected Devices Are Such a Risk to Outpatient Care
Addressing Security Gaps and Risks Post-M&A in Healthcare
Addressing Security Gaps and Risks Post-M&A in Healthcare
Why OT Security Keeps Some Healthcare Leaders Up at Night
Why OT Security Keeps Some Healthcare Leaders Up at Night
Zero Trust, Auditability and Identity Governance
Zero Trust, Auditability and Identity Governance
Why Entities Should Review Their Online Tracker Use ASAP
Why Entities Should Review Their Online Tracker Use ASAP
The State of Security Leadership
The State of Security Leadership
Generative AI: Embrace It, But Put Up Guardrails
Generative AI: Embrace It, But Put Up Guardrails
Inside Look: FDA's Cyber Review Process for Medical Devices
Inside Look: FDA's Cyber Review Process for Medical Devices
Threat Modeling Essentials for Generative AI in Healthcare
Threat Modeling Essentials for Generative AI in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.