The NAIFA-NYS Cybersecurity Compliance Package

The NAIFA-NYS Cybersecurity Compliance Package is a tool for you to use to help you comply with the Department of Financial Services (DFS) new cybersecurity regulation.

Are you a licensed insurance producer or entity?

Do you maintain an IT system – a computer system of one or multiple devices for collecting, processing, storing, sending, or creating information?

Do you store non-public information – electronic information not “publicly available”?

Did you answer “YES” to the above questions?

Then you need this Compliance Package!

The package is a three-part online program that includes the following:

  • access to an online analytical tool, so that you can assess the cyber-security risk of your IT system (as required by the regulation)
  • access to a written model cyber-security policy, which you can edit to reflect your risk assessment (as required by the regulation)
  • an online training session (as required by the regulation)

The consequences of non-compliance with the DFS regulation can be significant – not just in fines and other penalties issued by DFS, but in the potential fallout to your business operations if someone breaches your cyber system.

PLEASE NOTE:  Purchasing the Compliance Package will not make you compliant with the regulation.  Covered entities must certify their compliance directly on the DFS web site at

As noted in DFS guidance (FAQ #14, available HERE), DFS does not want covered entities to submit supporting documents when certifying compliance with the regulation.  Such documents, which would include your NAIFA-NYS Compliance Package risk assessment report, should be kept for your records. 

NAIFA-NYS Members:   $300 per package

*Only members of the New York State NAIFA association are eligible for the member price.  Membership in other state NAIFA organizations does not apply.

Non-Members:   $1,200 per package

After you purchase the NAIFA-NYS Cyber-Security Compliance Package, we will send you—once we verify your NAIFA-NYS membership and receive your payment—an e-mail with the following information (please note that the e-mail may go into your SPAM folder):

  • a link to a NAIFA-NYS web page where you can access the online portal to determine your cyber risk, as well as access the cyber policy template and the audio training session
  • a password so that you can log into the online portal, and directions to guide you through the online risk assessment process