New York State’s Department of Financial Services (DFS) has enacted a rigorous, first-in-the-nation cybersecurity regulation for financial institutions and others that do business in the state. The requirements from DFS go beyond what we’ve historically seen from regulators.
The LP3 cybersecurity team is well versed in the NYSDFS 23 NYCRR 500 Financial Services regulation. By leveraging our expertise and LP3 Cybersecurity Risk Assessment Portal, we are ready to help companies and their clients mitigate risk and ensure compliance with all aspects of the DFS regulations.
NYSDFS Compliance Assessment Deliverables
- Provide Baseline Control and Program Assessment
- Draft Policies Cross-referenced to Controls
- Draft System Security Plan (SSP)
- External Penetration and Internal Vulnerability Scan Reports
- Executive Summary and Final Report on Compliance
- Plan of Action & Milestone (POA&M) Gaps and Mitigations
- Baseline & Annual Employee Security Awareness Assessment, Testing & Training
- Virtual CISO Services, Expertise, and Board of Directors Support
NYSDFS Ongoing Cyber Security Services
- Virtual CISO (V-CISO) Services
- Risk Management Program Development and Implementation
- Periodic Vulnerability and Penetration Scanning
- Audit Log Management and Monitoring Services
- Employee Security Awareness Assessment, Testing, and Cyber Training
- Annual Cyber Program Development and Assessment
- Annual NYSDFS Compliance and Attestation Reports
- Annual Board of Directors Representation & Reports
If you would like more information, contact LP3. We will be glad to help you make an informed decision on cyber security for your business or organization.