combsandco


Feature Friday with DYKT? Snippets

“The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: Cybersecurity is much more than an IT topic.” Stephane Nappo

We’re shaking things up here at Did You Know That? We’re always looking to bring you informative conversations that could better your business and, sometimes, your life. But that doesn’t always have to be in long-form interviews. So, may we present, drumroll please…

DYKT? Snippets.

DYKT? Snippets will be episodes featuring a collection of short videos on a particular topic.  What that topic may be will always be a surprise.  For this kickoff event, we’re going big with a 2-part premiere episode.

In 2017, the New York State Department of Financial Services (NYSDFS) Part 500 cyber regulations went live.  These regulations apply to certain businesses licensed by the NYSDFS to operate in New York.  While the regulations have their shortcomings, in the scope of state-backed cyber laws, they’ve proven to be quite reasonable.  Episodes 1 & 2 will feature videos that outline how businesses can utilize these requirements to get their cyber houses in order.

For context around the videos, here are some links for the regulations & the actual requirements:

Who NYSDFS Supervises: https://www.dfs.ny.gov/who_we_supervise

NYSDFS Industry Definitions: https://www.dfs.ny.gov/institution_definition

NYSDFS Cybersecurity Resource Ctr: https://www.dfs.ny.gov/industry_guidance/cybersecurity

Regulation Sections:

500.02 – Cybersecurity Program

500.03 – Cybersecurity Policy

500.04 – Chief Information Security Officer (exempt)

500.05 – Penetration Testing & Vulnerability Assessments (exempt)

500.06 – Audit Trail (exempt)

500.07 – Access Privileges

500.08 – Application Security (exempt)

500.09 – Risk Assessment

500.10 – Cybersecurity Personnel and Intelligence (exempt)

500.11 – Third Party Service Provider Security Policy

500.12 – Multi-Factor Authentication (exempt)

500.13 – Limitations on Data Retention

500.14 – Training and Monitoring (exempt)

500.15 – Encryption of Nonpublic Information (exempt)

500.16 – Incident Response Plan (exempt)

500.17 – Notices to Superintendent

Music: “Camaro” by Oliver Michael via Artlist

