The tools and guidance financial professionals need to comply with NYDFS regulations.
All financial companies with a branch in New York, as well as third-party suppliers of New York-based institutions are required to implement security measures in order to protect themselves against cyber attacks. NYDFS (also known as 23 NYCRR 500) requires financial institutions to implement specific policies and procedures to better protect user data. We can help you establish a detailed cybersecurity plan, enact a comprehensive cybersecurity policy, and initiate and maintain an ongoing reporting system for cybersecurity events.
Best Practices for NYDFS Standards
Creation and ongoing management of a Cybersecurity Program
Regular Vulnerability Scans
Annual Penetration Testing
Designation of a Chief Information Security Officer (CISO)
Incident Response Plan
Annual Compliance Certification
Historical Reports and Audit Trails
Complete birds eye view security review
Security information and event management
Complete policy and plan creation
24/7 monitoring, detection and remediation for threats
Allow us to evaluate your processes, controls, and policies to identify any potential gaps between your practices and NYDFS requirements. We can do the heavy lifting for you so you don't have to reinvent the wheel creating new policies and corrective actions to be taken before your next audit.