LAS VEGAS, NV — January 22, 2024 — FCI announces the alignment of its Cyber Safeguards and Technical Controls Assessment Services with the latest NYDFS Regulatory Requirements (Second Amendment to 23 NYCRR 500) and upcoming SEC updated regulation. New threats have driven the need for broader penetration scans inside the walls. The new NYDFS requirements state that covered entities must conduct penetration testing at least annually from inside and outside information systems’ boundaries.
The amendments further necessitate automated scans of covered entities’ information systems, specifically designed to identify, analyze, and report vulnerabilities across corporate websites, portals, and cloud-based platforms.
Assessment of Cyber Safeguards and Technical Controls
- Network & Endpoints: External and Internal Vulnerability Scans and Network Penetration Testing
- Public Assets: Corporate Internet Attack Surface Assessment (CIASA)
- Software: Software Penetration Testing (review of code)
- Critical Software & Systems: Hardening Evidencing
- Deliverables: Cyber Safeguard & Technical Control Assessment Report with proposed remediation
Brian Edelman, FCI’s Founder and CEO, adds, “We work with the industry to clarify the difference across assessments. This separation of duties is critical to ensure checks and balances, leading to improved client risk management.”