The New York Department of Financial Services recently released updates to its guidance on third-party risk management for financial services firms. These updates emphasize the importance of vigilance toward third-party providers, particularly following an Amazon Web Services outage that highlighted the risks associated with reliance on single vendors. This guidance, rooted in the cybersecurity regulations established in 2017, includes essential requirements such as two-factor authentication and specific data-retention protocols.
Notably, the new provisions incorporate recommendations for AI usage, reflecting the pervasive nature of this technology in various services. Bob Maley from Black Kite pointed out that while these additions acknowledge the realities of AI, they may also introduce challenges for companies aiming for agility in their vendor contracts. The focus on awareness and risk assessment among business leaders underlines a shift in approach toward managing technological dependencies. As regulations evolve, ongoing revisions aim to ensure clarity and relevance in the context of an ever-changing tech landscape.
👉 Pročitaj original: CyberScoop
