NYDFS 23 NYCRR 500 regulation

The New York State Department of Financial Services (“DFS”) assessed the threat to financial data systems and established the 23 NYCRR 500 regulation as a safeguard.


The 23 NYCRR 500 regulation requires companies to assess their risks and create a cyber and IT security program to manage them. Corporate Boards now need to take this risk seriously. They will need to file an SEC / GLBA, PCI annual certification confirming compliance with the 23 NYCRR 500 regulation.

Trojan Horse Security can work on the 23 NYCRR 500 regulation Certification of Compliance with the New York State Department of Financial Services Cybersecurity Regulations, along with DFS Portal Filings.

The 23 NYCRR 500 assessment helps companies align to the regulation, create documentation as attestation of compliance, and secure their client data. Trojan Horse Security does this by focusing its attention and expert knowledge on the following applicable sections within the 23 NYCRR 500 regulation:


    Section 500.02 Cybersecurity Program
    Section 500.03 Cybersecurity Policy
    Section 500.04 Chief Information Security Officer
    Section 500.05 Penetration Testing and Vulnerability Assessments
    Section 500.06 Audit Trail
    Section 500.07 Access Privileges
    Section 500.08 Application Security
    Section 500.09 Risk Assessment
    Section 500.10 Cybersecurity Personnel and Intelligence
    Section 500.11 Third Party Service Provider Security Policy
    Section 500.12 Multi-Factor Authentication
    Section 500.13 Limitations on Data Retention
    Section 500.14 Training and Monitoring
    Section 500.15 Encryption of Nonpublic Information
    Section 500.16 Incident Response Plan
    Section 500.17 Notices to Superintendent
