The tools and guidance financial professionals need to comply with NYDFS regulations.
All financial companies with a branch in New York, as well as third-party suppliers of New York-based institutions, are required to implement security measures in order to protect themselves against cyber attacks. NYDFS (also known as 23 NYCRR 500) requires financial institutions to implement specific policies and procedures to better protect user data. We can help you establish a detailed cybersecurity plan, enact a comprehensive cybersecurity policy, and initiate and maintain an ongoing reporting system for cybersecurity events.
Best Practices for NYDFS Standards
Creation and ongoing management of a Cybersecurity Program
Regular Vulnerability Scans
Annual Penetration Testing
Designation of a Chief Information Security Officer (CISO)
Controlling access to your valuable IT resources
Incident Response Plan
Annual Compliance Certification
Historical Reports and Audit Trails
Designated virtual CISO providing guidance
Comprehensive annual “bird’s eye view” security assessment
Development and maintenance of data access and control policies
Monitoring your organization 24/7 for potential breaches
Regular security awareness training for employees
Managed threat detection and incident response
Regular vulnerability scans
Allow us to evaluate your processes, controls, and policies to identify any potential gaps between your practices and NYDFS requirements. We can do the heavy lifting for you, so you don't have to reinvent the wheel by creating new policies and corrective actions to be taken before your next audit.