Recent Posts

Electric Utility Sector Third Party Risk: FERC Order No. 850 As of December 2018, new supply chain risk management reliability standards (Order No. 850) issued by the Federal Energy Regulation Commission (FERC) went into effect. Going forward, electric utilities must assess their vendors during planning and procurement to confirm adequate security posture and controls. Electric utilities can make strides toward compliance with the three reliability standards (CIP-013-1, CIP-

Starting today, March 1, 2019, banks, insurance companies, and financial services firms operating in the state of New York must have written policies and procedures in place ensuring they adequately vet their vendors’ information security systems. The vendor security requirement is the last phase of the NYDFS Cybersecurity Requirements that went into effect two years ago on March 1, 2017. The vendor security requirement can found in 23 NYCRR 500 Section 500.11 (p7). The Thi