The NAIFA-NYS Cybersecurity Compliance Package

The NAIFA-NYS Cybersecurity Compliance Package is a tool for you to use to help you comply with the Department of Financial Services (DFS) new cybersecurity regulation.  Compliance with the regulation is risk-based—that is, each covered entity’s requirements for compliance are based upon that entity’s specific risk profile. This compliance package, therefore, is not designed to be one-size-fits-all.  Businesses of different types and sizes will arrive at different compliance needs after utilizing the package.

We advise that you use the tools in the compliance package in consultation with your own IT expert to develop both the hardware and software measures you need to implement all of the cyber protections that the DFS regulation requires.

The package was developed in conjunction with the prestigious Center for Internet Security (CIS) and consists of three parts:

  • access to an internet portal for the purpose of assisting an agent, through a series of questions, in conducting the cyber risk assessment required by the DFS regulation.  The results of the risk assessment may be downloaded for your records.
  • a draft model policy, as required by the regulation, for an agent to adapt to his or her business, based upon the results of the risk assessment. (The sections in the model policy directly correspond with the required policy sections in the regulation.)
  • an online audio training session, as required by the regulation, that is conducted by a CIS representative for an agent and his or her employees

NAIFA-NYS staff and CIS personnel will be available to help you use the compliance package.

NAIFA-NYS Members $300 per package

Non-Members $1,200 per package

After you purchase the NAIFA-NYS Cyber-Security Compliance Package, we will send you—within two (2) business days after we receive your payment—an e-mail with the following information:

  • a link to a NAIFA-NYS web page where you can access the online portal to determine your cyber risk, as well as access the cyber policy template and the audio training session
  • a password so that you can log into the online portal, and directions to guide you through the online risk assessment process

Please feel free to contact NAIFA-NYS staff at 518-915-1661 or at with any questions.