The NAIFA-NYS Cybersecurity Compliance Package

The NAIFA-NYS Cybersecurity Compliance Package is a tool for you to use to help you comply with the Department of Financial Services (DFS) new cybersecurity regulation.

Are you a licensed insurance producer or entity?

Do you maintain an IT system – a computer system of one or multiple devices for collecting, processing, storing, sending, or creating information?

Do you store non-public information – electronic information not “publicly available”?

Did you answer “YES” to the above questions?

Then you need this Compliance Package!

The package is a three-part online program that includes the following:

  • access to an online analytical tool, so that you can assess the cyber-security risk of your IT system (as required by the regulation)
  • access to a written model cyber-security policy, which you can edit to reflect your risk assessment (as required by the regulation)
  • an online training session (as required by the regulation)

The consequences of non-compliance with the DFS regulation can be significant – not just in fines and other penalties issued by DFS, but in the potential fallout to your business operations if someone breaches your cyber system.

PLEASE NOTE:  Purchasing the Compliance Package will not make you compliant with the regulation.  Covered entities must certify their compliance directly on the DFS web site at

NAIFA-NYS Members:   $300 per package

*Only members of the New York State NAIFA association are eligible for the member price.  Membership in other state NAIFA organizations does not apply.

Non-Members:   $1,200 per package

After you purchase the NAIFA-NYS Cyber-Security Compliance Package, we will send you—once we verify your NAIFA-NYS membership and receive your payment—an e-mail with the following information (please note that the e-mail may go into your SPAM folder):

  • a link to a NAIFA-NYS web page where you can access the online portal to determine your cyber risk, as well as access the cyber policy template and the audio training session
  • a password so that you can log into the online portal, and directions to guide you through the online risk assessment process