New York's Department of Financial Services 23NYCRR500 Compliance Certification Filing Deadline in:
Days
Hours
Minutes
Seconds
Are You A "Sitting Duck"?
One biggest threat to your business is your compliance with the NYDFS Cybersecurity Law - or lack thereof!
Regulated Financial Services entities and licensed persons must file the Certification of Compliance for calendar year 2020 starting on April 15, 2021
The NYDFS 23NYCRR500 Regulation applies to:
- State banks
- Licensed Lenders
- Private Banks
- Foreign Banks operating in New York
- Mortgage Companies
- Insurance companies
- Trust companies
- Financial Service providers
Don’t let what happened to First American happen to you. With many misconceptions about the Law, some businesses may be deemed small enough to be “exempt” but there are no exemptions. ONLY LIMITED EXEMPT which means you still must comply with the law.
Find out if you are in compliance on a 10-Min Call with our experts
Yes, I Would Like To Schedule A 10-Minute Discovery Call!
NYDFS Cybersecurity Requirements are incredibly confusing, and the penalties for not being compliant can be debilitating. If you are uncertain that your business is in compliance with the Cybersecurity Law, most likely you are not.
On this call we can discuss your unique situation, any concerns you have, and of course, answer any questions you may have about the 23NYCRR500. If you feel comfortable moving ahead, we’ll schedule a convenient time to conduct a Cybersecurity Compliance Audit.
Our Free Cybersecurity Compliance Audit Reveals Where Your Company Is At High Risk Of Getting a Fine from de NYDFS
This Audit can be conducted 100% remote with or without your current IT company or department knowing (we can give you the full details on our initial discovery call). At the end of the Audit, you’ll know if you comply with the following requirements:
- Establish a Cybersecurity Program (500.02)
- Develop a Cybersecurity Policy (500.03)
- Assign a Chief Information Security Officer (500.04)
- Perform Periodical Penetration and Vulnerability Testing (500.05)
- Maintain an Audit Trail designed to detect and respond to Cybersecurity Events (500.06)
- Limit Users Access Privileges (500.07)
- Establish Application Security Procedures (500.08)
- Perform Periodic risk assessments (500.09)
- Utilize qualified Cybersecurity Personnel to manage and oversee the performance of the cybersecurity program (500.10(a)(1))
- Provide cybersecurity personnel with cybersecurity updates and training (500.10(a)(2))
- Enable Multi-Factor Authentication for Information Systems (500.12)
- Employee Cybersecurity Training and Monitoring (500.14)
- Enable Data Encryption and Protection (500.15)
- Establish a Incident Response Plan (500.16)
Find out if you are in compliance on a 10-Min Call with our experts
What our customers say about us!
“Motiva is the 3rd IT company my firm has had in the last 2 years and boy 3rd time is the charm. By far exceeded our expectations. They have a team to support you no matter the issue. Today the team was able to fix a problem we had been dealing with for weeks due to an antivirus software installed by the first company! Very professional, efficient and they know their stuff.”
Jessica Mora
SilverLines Ins Agency, LLC
"Motiva came to us highly recommended by the Big I and by several other local agents. Motiva’s staff are knowledgeable and efficient. They are very familiar with insurance agency operations, the NYS DFS security requirements, Microsoft products, and the Applied TAM system. Motiva is always available and always a pleasure to deal with.”
Joseph Grasso
Hartt Insurance Agency Inc