NYDFS 500 Cybersecurity Alert
The financial industry is under siege from cyber crime. NYDFS is leading the way with stricter cybersecurity regulations to address the increasing number of cyber attacks on the financial industry. The NYDFS Cybersecurity Regulation (23 NYCRR 500) establishes cybersecurity requirements for financial services companies.
The NYDFS has supervisory power over banks, insurance companies, and other financial services companies. More specifically, these include:
- Credit Unions
- Health Insurers
- Investment Companies
- Licensed Lenders
- Private Bankers
- Offices of Foreign Banks
- Commercial Banks
- Life Insurance Companies
- Mortgage Brokers
- Savings and Loan Associations
No Action Can Be Costly
Almost every covered entity is required to file a Certificate of Compliance with NYDFS by June 1, 2020.
NYDFS regulations can mean potential financial penalties equaling up to $500,000 in less than a week.
For example, these potentially hefty fines can add up quickly:
- $2,500 per day during which a violation continues
- $15,000 per day in the event of any reckless or unsound practices or pattern of misconduct
- $75,000 per day in the event of a knowing and willful violation
Being NYDFS exempt does NOT mean you are EXCUSED
NYDFS made provisions for certain covered entities to be exempt from meeting certain 23 NYCRR 500 cybersecurity regulations.
Many entities with exemption status may not know they are still required to complete a risk assessment, revise policies and procedures, publish a Third Party Provider Security Policy and document a cybersecurity program to avoid possible fines and penalties.
Third Rock has taken the confusing, frustrating and labor-intensive requirements for NYDFS compliance and made them simple, easy and affordable.
Utilizing Third Rock’s automated compliance software, CyberCompass™, you get a fast, effective and efficient solution to protect your business and clients and reach compliance by the June 1, 2020 deadline. We have solutions for EXEMPT and NON-EXEMPT entities.
Third Rock offers CyberCompass™ automated compliance software with built-in expertise that translates NYDFS government requirements into layman’s terms. It does most of the heavy lifting with the analysis and compliance documentation to streamline NYDFS compliance workflow so you can meet the June 1, 2020 deadline.
It is cloud-based, so it can be accessed anywhere with no software download. You don’t have to be an NYDFS or cybersecurity expert to use CyberCompass™.
Our automation can save your firm over 400 hours in twelve months on becoming and staying compliant.
- Answer one set of simple yes/no questions that meets NYDFS & CIS-20
- Flexibility to start and stop – CyberCompass™ saves your progress
- Compliance gap report to gain visibility into your non-compliance
- Built-in step-by-step guide to fix issues and get compliant quickly
- CyberCompass™ online vault to save your “body of evidence” in one place
- Monitor your compliance for 12 months with dashboards and reporting
Know your vulnerabilities
- Guided Risk Assessment with virtual Chief Compliance Officer and virtual Chief Information Security Officer
- Penetration Testing - up to 10 public facing IP addresses 1 time a year
- Network Vulnerability and Compliance Scans - 1 network for up to 225 devices 2 times a year
Build Resilience with Automation
- Policies and Procedures - Full set created to meet NYDFS requirements
- Risk Management Plan
- Incident Response Plan
- Business Continuity / Disaster Recovery Plan
- Breach Notification Plan
- SDLC Plan for application development
- Third Party NYDFS Compliance Tracking
- Audit Trail / Body of Evidence
- Cyber Awareness Employee Training
- 12 months access to CyberCompass software to monitor cyber risk
- NYDFS Certification of Compliance - ready to file
NYDFS 500 EXEMPT
8 hours of our guided expertise via online meeting and phone
NYDFS 500 NON-EXEMPT
12 hours of our guided expertise via online meeting and phone
Contact for pricing
Virtual officer services meet NYDFS on-staff CISO requirements
Rapid Response Services
Rapid Remediation Services
Custom Policies and Procedures
Virtual Compliance Officer
Cybersecurity scans and rapid repair
We have affordable pricing to get you compliant quickly