Info banner
A significant part of the Healthesystems vision is to create a more integrated experience for our customers

October 28, 2024

New York Issues Guidance on Cybersecurity Risks from AI

Go to Advocacy & Compliance Home

The New York Department of Financial Services (DFS) issued new cybersecurity guidance for all entities regulated by the DFS, focusing on risks from artificial intelligence (AI).

As AI use grows, it also presents new opportunities for cybercriminals at greater scale and speed. This Guidance highlights some of the more concerning threats identified by cybersecurity experts, but the guidelines are not exhaustive. Rather, the guidelines can help entities understand and assess AI-related cybersecurity risks and outlines controls to mitigate those risks.

Matters addressed in the guidance include:

  • AI-enabled social engineering
  • AI-enhanced cybersecurity attacks
  • Exposure or theft of vast amounts of nonpublic information
  • Increased vulnerabilities due to third-party, vendor, and other supply chain dependencies
  • Controls and measures that mitigate AI-related threats
  • Risk assessments and risk-based programs, policies, procedures and plans
  • Third-party service provider and vendor management
  • Access controls
  • Cybersecurity training
  • Monitoring
  • Data management

Subscribe to Regulatory Recap

Get weekly legislation & policy updates straight to your inbox.
lockenvelopephone-handsetmagnifiermenuarrow-leftcross-circle