NYDFS releases guidance on third-party service provider risks | Data Protection Report

The NYDFS has released guidance to help licensees comply with its cybersecurity regulation, focusing on managing risks associated with third-party service providers. This guidance includes recommendations for vendor due diligence, contract provisions, and ongoing monitoring, emphasizing a risk-based approach to ensure cybersecurity.