FCI announces at the 20th Anniversary Technology Tools for Today (T3) Conference the alignment of its Cyber Safeguards and Technical Controls Assessment Services with the latest NYDFS Regulatory Requirements (Second Amendment to 23 NYCRR 500) and upcoming SEC updated regulation. In the past, regulations primarily emphasized well-known external network penetration testing and vulnerability scans. New threats have driven the need for broader penetration scans inside the walls. The new NYDFS requirements state that covered entities must conduct penetration testing at least annually from inside and outside information systems’ boundaries.
The amendments further necessitate automated scans of covered entities’ information systems, specifically designed to identify, analyze, and report vulnerabilities. These encompass a spectrum of systems such as corporate websites, portals, and cloud-based platforms.
SANS outlines that, “Part of the challenge organizations face when attempting to comply with these cybersecurity standards is understanding exactly what the requirements are asking an organization to accomplish and the definition of risk.”
To execute a thorough security risk assessment aligning with regulatory requirements, it is essential to undertake two separate projects facilitated by two distinct service organizations:
Brian Edelman, FCI’s Founder and CEO, adds, “We work with the industry to clarify the difference across assessments. This separation of duties is critical to ensure checks and balances, leading to improved client risk management.”
FCI Invites Advisors to Booth #520 to Learn More at the 2024 T3 Technology Conference January 22-25, 2024 at the Cosmopolitan of Las Vegas.
About FCI Cyber FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Zero Trust Cybersecurity Compliance Enablement Technologies & Services to CISOs and security personnel of Financial Services organizations with prescriptive cybersecurity regulatory requirements. FCI blends best-of-breed technologies, cybersecurity best practices, expertise, and innovation to perform Security Assessments and deliver cloud-based Managed Endpoint and Network Protection. www.fcicyber.com.