Also referred to as 23 NYCRR Part 500, the NYDFS Cybersecurity Regulation is a set of regulations that are considered cybersecurity best practices for financial institutions. It imposes new and stricter cybersecurity requirements on covered entities.
What should you do to achieve 23 NYCRR Part 500 compliance?
Know your network:
Ensure you have an up-to-date inventory of each asset, including its type, version and role. Assets must be classified as inward-facing or outward-facing relative to the network.
Write security policies for each type of asset:
Each kind of environment and asset must have its own policy, suited to the exact functions it performs and the unique threats it encounters.
Use tools to discover possible vulnerabilities threatening your network:
Use scanners and penetration tests to maintain an up-to-date assessment of your company’s position regarding known and unknown vulnerabilities. Regularly monitor the compliance posture of your assets and their exposure to vulnerabilities.