IAPP CIPP/US Practice Exam

Category - Professional

NYDFS Cybersecurity Regulation requires compliance through which of the critical requirements, in part?
  1. Employ defense infrastructure to protect against threats and use of a system to detect cybersecurity events.
  2. Identification of all external cybersecurity threats
  3. Inform customers of any cybersecurity breach so they can take solely and diligently act to recover from each cybersecurity event
  4. Provide cybersecurity event information to the NY Department of Financial Services for the state agency to respond directly
Explanation
Answer: A - NYDFS Cybersecurity Regulation requires compliance, in part, through financial institutions’ employment of a defense infrastructure to protect against cybersecurity threats. The state law also requires the use of a system to detect cybersecurity events.
 
Covered financial institutions are required to identify internal and external threats. Customers must be informed of any cybersecurity breach which stands to affect them. However, the customer is not solely responsible for acting diligently to recover. The FI is required to take action to recover from any cybersecurity event. Covered entities must not rely on the NYDFS to respond to cybersecurity events alone. The FI must respond to the cybersecurity event directly.
Was this helpful? Upvote!
Login to contribute your own answer or details

Top questions

Related questions

Most popular on PracticeQuiz