Also referred to as 23 NYCRR Part 500, the NYDFS Cybersecurity Regulation is a set of regulations that are considered as cybersecurity best practices for financial institutions. It’s a set of rules that enacts new & stricter cybersecurity requirements on covered entities.
What should you do to accomplish 23 NYCRR Part 500 compliance?
Know your network:
Ensure you’ve an updated inventory of each asset, its type, version and role. Assets must be classified as facing in & facing out of the network.
Write security policies for each type of asset:
Each kind of environment & asset must have a unique policy, apt for the exact functions it has and the unique threats that it encounters.
Use tools to discover feasible vulnerabilities threatening your network:
Make use of scanners & penetration tests to keep an updated valuation of your company’s position regarding known & unknown vulnerabilities. Regularly observe the compliance posture of your assets & their exposure to vulnerabilities.
No comments:
Post a Comment