On May 21, 2026, the New York Department of Financial Services (“NYDFS”) issued two Industry Letters to the organizations it regulates (“Regulated Entities”): “Heightened Cybersecurity Risks Associated with Frontier AI Models” (the “Advisory”) and “Guidance on Measures Regulated Entities Should Consider in a Heightened Cybersecurity Threat Environment” (the “Guidance”) (collectively, the “Letters”). The Letters discuss various recommended security controls Regulated Entities should consider in light of a heightened cybersecurity threat environment (defined as a period when “cybersecurity risks are significantly elevated and therefore have a high likelihood of impacting Information Systems, Nonpublic Information or operations”) and in light of the threats presented by Frontier AI Models (defined as AI models that “amplify the potency, scale, and speed of identifying vulnerabilities and exploits in information systems”).
Although NYDFS frames the security measures as best practices that Regulated Entities “should consider,” and expressly states that neither the Guidance nor the Advisory impose any new requirements, the Letters both encourage Regulated Entities to assess and take appropriate measures that extend beyond the minimum controls required by Part 500 during periods of heightened risk, including, most pointedly, the risks NYDFS anticipates from Frontier AI Models. As with other cybersecurity controls, whether, and to what extent, these measures should be employed continues to “depend on the unique circumstances and operations of an organization.”
Advisory Summary
Although certain new Frontier AI Models relating specifically to vulnerability and exploit identification are not yet broadly available, NYDFS uses the Advisory to caution that “such capabilities may become more available soon,” and urges Regulated Entities to prepare now.
According to the Advisory, “[t]he best preparation for Frontier AI Models is a robust cybersecurity program that includes timely and comprehensive vulnerability identification and remediation.” NYDFS encourages Regulated Entities to review and update their risk assessments to reflect the evolving risks posed by this technology and to consider, for example, whether to strengthen operational resilience by replacing end-of-life or legacy information systems.
The Advisory refers Regulated Entities to certain of the measures outlined in the Guidance, discussed below, and highlights four targeted recommendations specific to the Frontier AI Models:
- Expedited Vulnerability Management. The Advisory recommends that Regulated Entities reassess their procedures for evaluating the criticality and threat of known vulnerabilities and review vulnerability management timelines to determine whether accelerated detection and remediation are warranted in light of updated risk assessments.
- Coordination with Third-Party Service Providers. The Advisory recommends that Regulated Entities develop and maintain dependency maps and coordinate with critical third-party service providers—and material downstream providers—to address significant vulnerabilities and operational risks, monitor and validate third-party code, and clearly allocate responsibilities between the Regulated Entity and the third party.
- Strengthening Secure Programming Practices. The Advisory recommends that organizations restrict and validate inputs before running scripts or processes and confirm the use of secure programming practices. The Advisory specifically calls for additional testing and validation procedures—including human oversight—for AI-generated code before deployment in production environments.
- Heightened Monitoring and Prompt Reporting. The Advisory recommends that Regulated Entities evaluate whether existing logging and security event alerting capabilities are sufficient to address heightened threats, and review and test threat-relevant operational resilience procedures, which may require more frequent exercise as AI-enabled cyber capabilities evolve.
The Advisory closes by reminding Regulated Entities that the list is not exhaustive and that the Department’s October 16, 2024 guidance on Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks contains additional information about AI-related cybersecurity threats and capabilities.
Guidance Summary
The Guidance is not tailored to Frontier AI Models but rather a “heightened cybersecurity threat environment” more generally, which contemplates “geopolitical events that have the potential to increase the risk of cyberattacks, or technological developments that materially change cybersecurity risks.” It is organized into three sections corresponding to the three phases of a cyber defense: (1) reducing the attack surface; (2) improving threat detection and readiness; and (3) improving resilience and response.
Reducing the Attack Surface
Section 1 of the Guidance instructs Regulated Entities to take specific measures to strengthen their existing systems. The recommendations can be grouped into three themes: remediating vulnerabilities, hardening access controls, and tightening general oversight.
- Remediating Vulnerabilities: The Guidance suggests Regulated Entities identify and remediate without delay “known exploited vulnerabilities in firmware, hardware, and software.” NYDFS specifically calls out vulnerabilities in “Information Systems exposed to the Internet” as warranting heightened attention. The Guidance also suggests that, where possible, Regulated Entities consider disabling inactive or unnecessary ports and protocols.
- Hardening Access Controls: The Guidance suggests that Regulated Entities consider tightening their multifactor authentication (“MFA”) practices by restricting enrollment, employing strong identity verification, and using phishing-resistant MFA methods. It also suggests other protective measures such as IP accept-listing and maintaining segmented networks to limit lateral movement.
- Tightening General Oversight: The Guidance then suggests that Regulated Entities ensure that their systems and processes are used appropriately by preventing the use of malicious programs or scripts. This includes restricting and validating user inputs prior to running scripts or processes, preventing unauthorized exposure of sensitive data, credentials, and encryption keys, and confirming that secure programming practices are used. “Validating inputs” in this context is a defensive control aimed at protecting against code injection and the execution of malicious scripts—not a data-quality measure. The Guidance also encourages secure programming practices for AI-generated code, including additional testing, validation, and human oversight before deployment.
Improving Threat Detection and Readiness
Section 2 of the Guidance suggests that Regulated Entities assess whether their threat detection, prevention, and response controls are current and capable of detecting anomalous activity. Beyond reviewing and updating firewalls, antivirus, and similar controls, the Guidance suggests that Regulated Entities ensure that personnel are aware of the steps they can take to prevent, detect, and respond to cyber threats (including social engineering) and that they are equipped to monitor for and act on indicators of compromise. The Guidance also recommends that Regulated Entities monitor and validate third-party code and engage with critical third-party service providers regarding shared responsibilities for cyber risk.
Improving Resilience and Response
Section 3 of the Guidance addresses redundancy and recovery. Per the Guidance, Regulated Entities should maintain tested backup plans that enable timely recovery and restoration of any systems affected by a cyberattack and should have processes and programs in place to address prolonged system and service disruptions. Section 3.2 specifically addresses threat-relevant operational resilience procedures, which entities may need to test and exercise more frequently as the threat environment evolves.
Addressing a Growing Threat
NYDFS’s decision to issue the Guidance and Advisory on the same day underscores the regulator’s focus on the risks that certain new Frontier AI Models relating to vulnerability and exploit identification may pose to Regulated Entities. As AI-enabled capabilities continue to evolve, threat actors may be able to identify and exploit vulnerabilities more quickly, including at organizations with otherwise mature cybersecurity programs. In light of that risk, NYDFS is encouraging Regulated Entities to use these Letters as a prompt to reassess whether their existing controls, vulnerability-management timelines, third-party oversight, and operational resilience measures remain appropriately calibrated to the current threat environment, before the broader release of these models accelerates the asymmetry between attackers and defenders.
