INFORMATION SECURITY

Protecting Against Evolving Cybersecurity Threats

In today's fast-paced and interconnected digital landscape, the threat of cyberattacks is a constant and looming challenge for organizations worldwide. As cyber adversaries continue to evolve their tactics and techniques, BNY strives to proactively fortify its defenses and prepare to effectively mitigate potential risks through a security-first mindset.

We are committed to maintaining the trust of our clients, employees and shareholders. This includes transparent communication around how we deliver on our information security program’s operational excellence strategy.

At the heart of our mission is building trust with our clients, ensuring their resilience against evolving cyber, technology, and data risks. By prioritizing their needs and translating complexity into clarity, we guide them toward informed decision-making and success.

Dave Robinson
CISO

Certification Governance Security-Aware Culture Cyber Innovation

Certification

Grounded in a robust cybersecurity services model, the cybersecurity program at BNY uses layered controls, known as defense-in-depth, to uphold the highest, internationally recognized, standards to protect information assets. BNY’s Information Security Management System is ISO 27001:2022 certified, and the program is aligned to the National Institute of Standards and Technology (NIST) Cybersecurity Framework, demonstrating the firm's commitment to maintaining resilient cybersecurity practices.

Governance

Clients expect us to protect their data. Therefore, BNY invests in advanced technology designed to safeguard data across operations and communications between clients and internal systems, based on global industry best practices and standards. BNY has implemented policies and procedures designed to detect, prevent and respond to malicious and accidental disruptions to the delivery of critical technology services.

Security-Aware Culture

Instilling staff awareness of new and emerging cyber threats helps prepare the workforce to be cyber-ready. BNY drives a security-aware culture through a variety of methods, including annual training, ongoing awareness, phishing testing, cyber threat simulations and an enterprise cybersecurity response guide, to build and strengthen employees’ awareness of and ability to identify and report suspicious activity. These efforts help ensure our people are active participants in building awareness of threats and they foster a mindset where every employee understands safeguarding the organization's data and systems.

Cyber Innovation

Our team’s mission is to defend future global capital markets through cyber resiliency by implementation of both a security-first mindset and innovative cyber solutions. How we deliver our cyber innovation mission is simple:

Our team: We take pride in our approach to evolving our cybersecurity threat practice.
Our processes: Cyber operational excellence is at our core with our cyber assessment methodologies demonstrating our agility to continue to deliver quality cybersecurity services.
Our technologies: We work hand in hand with the global cyber industry to strengthen our global financial markets defenses by implementing cybersecurity features and cybersecurity product offerings.
Our client product and service offerings: Our cybersecurity shared responsibility model embeds innovative cybersecurity solutions into our product and service offerings.

Responsible Disclosure

BNY does not accept external code contributions. We value the global security professional community, and we appreciate any potential issues or concerns identified via any BNY GitHub public repositories reported by the community. We may elect to address them at our sole discretion. Additionally, BNY partners with the global security industry for reporting security flaws directly to the relevant parties responsible for the the security flaws.

If you have any queries about Information Security at BNY, please reach out to your relationship manager.

BNY is the corporate brand of The Bank of New York Mellon Corporation and may be used to reference the corporation as a whole and/or its various subsidiaries generally. This material and any products and services mentioned may be issued or provided in various countries by duly authorized and regulated subsidiaries, affiliates, and joint ventures of BNY. This material does not constitute a recommendation by BNY of any kind. The information herein is not intended to provide tax, legal, investment, accounting, financial or other professional advice on any matter, and should not be used or relied upon as such. The views expressed within this material are those of the contributors and not necessarily those of BNY. BNY has not independently verified the information contained in this material and makes no representation as to the accuracy, completeness, timeliness, merchantability or fitness for a specific purpose of the information provided in this material. BNY assumes no direct or consequential liability for any errors in or reliance upon this material.

This material may not be reproduced or disseminated in any form without the express prior written permission of BNY. BNY will not be responsible for updating any information contained within this material and opinions and information contained herein are subject to change without notice. Trademarks, service marks, logos and other intellectual property marks belong to their respective owners.