The New York Department of Financial Services has sent a shot across the bows of New York financial institutions, suggesting that it will require them to pay closer attention to the cybersecurity controls of their service providers, including law and accounting firms.  In a letter to the chief executives, information officers, and general counsels at New York financial institutions, Benjamin Lawsky, the Superintendent of the NYDFS, said that “the Department is considering a requirement that regulated financial institutions obtain representations and warranties” from their service providers regarding their “cyber security standards and policies.”  To help the Department understand the practices currently in place, he requested that financial institutions provide the agency, by November 14, with copies of “any policies and procedures governing relationships with third-party service providers that address information security risks.”