Why Your Organization May Need to Meet Cyber Risk Requirements
23 NYCRR Part 500 requires that organizations supervised by the Department of Financial Services complete a security audit conducted by a third party. The latest updates to the NYS DFS Cybersecurity Regulations (23 NYCRR Part 500) require financial institutions supervised by the New York State Department of Financial Services (DFS) to show compliance in multiple sections related to cybersecurity risk assessments, as outlined below.
Our team’s Cyber Risk Assessment service helps organizations like yours comply with the following 23 NYCRR Part 500 Sections: 500.5 Vulnerability management, 500.6 Audit trail, 500.9 Risk assessment, 500.12 Multi-factor authentication, and 500.15 Encryption of nonpublic information.
Learn about our additional 23 NYCRR Part 500 compliance services built to help organizations like yours.
How We Help You Comply with the Cyber Risk Assessment Requirements
Quanterion Solutions Incorporated can perform a cybersecurity risk assessment – as comprehensive or as detailed as an organization needs – to empower financial institutions to fill their gaps in meeting the requirements.
Our Cyber Risk Assessment service is highly customizable, and we can perform any or all of the below example projects to enable your compliance.
- Are you prepared to scan your internal systems for potential vulnerabilities as required in the 500.5 Vulnerability management section?
- Let us help! Our team of subject matter experts can run the scan for you and prepare a report for submission.
- Do you have the time to perform a review of access controls and account security, such as enforcement of multifactor authentication (MFA), as required in the 500.12 Multi-factor authentication section?
- MFA is increasingly used not just to meet regulations, but as a key aspect of a company’s security program to defend against uncontrolled access.
- Financial institutions are required to perform a pentest according to Section 500.5 Vulnerability management.
- We can perform this test for you using information gathered in the Cybersecurity Systems Audit to simulate attack scenarios.
- The penetration test we perform will also help you gauge your system vulnerability to prevent security breaches and determine if appropriate safeguards are in place.
- Will you be able to prepare a report detailing the audit findings and the overall risk presented to the organization as referenced in the 500.6 Audit trail section?
- Reporting can be time-consuming, although it is necessary. Let our team take the task off your shoulders and prepare a report for you that accurately depicts your security findings and positions you for a successful submission.
- Did you know that financial organizations under DFS are required to have a third-party risk assessment according to 23 NYCRR Part 500?
- The regular risk assessment creates an audit trail for improvements in security posture, and we can perform the assessment for you as a third-party provider.
- Once you complete the third-party assessment, you will need to outline steps for remediating vulnerabilities.
- Remediation is included in our list of cybersecurity compliance services, and we offer custom individual services to meet you where you are with your security.
Ready to let the experts help you become compliant with the latest NYS DFS regulations? Contact us today at Cyber@Quanterion.com or (315) 801-7777.
Our Cyber Risk Assessment service is just one of the custom services we provide to help organizations meet the NYS DFS Cybersecurity Regulations (23 NYCRR Part 500). Learn about our other 23 NYCRR Part 500 compliance services built to help organizations like yours, or ask about establishing a custom plan to enable your team to be fully compliant.