Solutions / Compliance / NYDFS 23 NYCRR Part 500
NYDFS 23 NYCRR Part 500 Compliance
nGuard has extensive experience working with companies to develop a robust security program and can help your financial institution become fully compliant with the New York Division of Financial Services Cyber Security Regulation.
NYDFS Compliance Solutions
Assessment Types
Who is Affected?
If you’re a financial institution in the state of New York, you likely know that the New York Department of Financial Services (DFS) has imposed a regulatory requirement to help focus the industry on establishing and maintaining an effective security program. This program gives guidance for institutions to ensure there is internal oversight and appropriate cyber security controls in place.
NYDFS 23 NYCRR Strategic Security Assessment (SSA)
The 23 NYCRR SSA is a streamlined strategic security analysis of your institution’s financial records’ systems, as well as the other ways that financial records are transmitted, stored, or processed. This assessment is cost effective to scaling values, from that of a small bank, up to the large investment firm.
- CISO Governance
- Cybersecurity Policies
- Ongoing Risk Assessments
- Ongoing Penetration Testing & Vulnerability Assessments
- Log Monitoring & Alerting
- Access Controls & Multi-Factor Authentication
- Systems, Applications, & Network Controls
- Data Governance & Privacy
- Third-Party Service Provider Oversight
- Physical Controls
- Awareness Training
- Secure Data Storage & Transmission
- Incident Response & Business Continuity
NYDFS 23 NYCRR 500 Risk Assessment
The 23 NYCRR 500 Security Risk Assessment goes beyond just assessing gaps in 23 NYCRR 500 controls and safeguards.
- Qualitative Risk Analysis
- Quantitative Risk Analysis
- Threat Identification
- Threat Probability
- Impact Identification
- Scope Verification
NYDFS 23 NYCRR 500 Compliance Methodology
nGuard’s compliance methodology defines a flexible framework that your organization can leverage to continue & accelerate your 23 NYCRR 500 compliance efforts. Whether just starting or ready to attest to compliance, our methodology has the flexibility to attain to your specific need.
- Scope Definition
- Gap Analysis
- Gap Remediation
- Compliance Assessment
Tactical NYDFS NYCRR 500 Assessments
These tactical assessments help to evaluate the different ways your financial data is accessed through discovering, testing, and safely exploiting vulnerabilities in your environment. Together, these tactical assessments will identify the tangible vulnerabilities that are exploitable in your environment and give your organization specific guidance on how to resolve them.
- External Penetration Testing
- Internal Penetration Testing
- Vulnerability Management
- Web Application Penetration Testing
- Console Auditing
- Wireless LAN Penetration Testing
NYDFS 23 NYCRR 500 Remediation
If your IT staff is 100% utilized or possibly doesn’t have all the needed skill sets to perform the remediation, nGuard can quickly help address your issues. Furthermore, you will be better prepared for future audits.
- Patch Remediation
- Policy & Procedure Developmet
- Policy & Procedure Maintanance
- Incident Response
- Security Event Management as a Managed Service
- Windows Group Policy Remediation
- Database Remediation
- Perimeter Security Design Remediation
- Wireless Security Design Remediation
Benefits of nGuard for Compliance Assessments
nGuard is the clear choice for a superior quality compliance assessment. Clients choose nGuard for many reasons including:
GRC Alignment
We help clients navigate the Governance, Regulatory & Compliance (GRC) landscape.
Credentialed Experts
Comprised of certified, expert assessors, consultants and engineers, who hold a broad array of certifications.
Longevity
Since 2002, clients have known nGuard as a viable, long-term, security partner.
Security Resources from nGuard
“nGuard has been a proven cybersecurity partner with us for over five years that understands our industry.”
— Joe Warling, Randolph Electric Membership Corporation
“nGuard not only does a thorough pen test, their remediation recommendations and tracking tool was a big help in addressing issues.”
— Allan Patek, Executive Director, Wisconsin Insurance Security Fund
“nGuard’s expertise in cybersecurity, their professionalism and flexibility is the reason why we hire them year after year.”
— Frank M. Furnari, Business Systems Developer, NJCRIB (New Jersey Compensation Rating & Inspection Bureau)
“The staff at nGuard are top-notch cybersecurity professionals. I find their knowledge, guidance, and expertise very helpful during our annual pen tests.”
— David Schultheis, IT Manager, Nine Network of Public Media
“nGuard’s cybersecurity and PCI expertise has been instrumental in helping us improve our cybersecurity posture.”
— Mark Krawczyk, Director of Information Privacy, Purpose Financial
“We have trusted nGuard as our primary cybersecurity consultants for 20 years. Our continued choice of and reliance on nGuard year after year is a testament to the professionalism, expertise, and exemplary service that we continue to experience.”
— Jeremy Noble, VP, Information Services, Atlantic Telephone Membership Corporation
“I have used several other large assessors in the past and I recommend nGuard above all others.”
— Scotty Westbrook, IT Director, Sampson Bladen Oil Company
“Through our long-term partnership with nGuard, we gain valuable insight from their advanced cyber-security tests.”
— Lynn Sturkie, Director of Technology Services, Lexington County
Speak to a security expert
Let us help you begin to reach your security goals today.
