NYDFS Readiness

The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a new set of regulations from the NY Department of Financial Services (NYDFS) that places cybersecurity requirements on all covered financial institutions. The rules require covered institutions to develop and implement an effective cybersecurity program, assess their cybersecurity risks and develop plans to proactively address those risks.

NYDFS Readiness Assessment

In response to increasing cybersecurity risks to the financial institutions, in March 2017, the New York Department of Financial Services instituted 23 NYCRR 500, a cybersecurity regulation unlike any other. The regulation establishes minimum security requirements to protect financial institutions’ data and their customers from cyberattacks.

Building on over a decade of experience helping government, healthcare, finance, and wider enterprise organizations meet their data compliance requirements, Valorr is actively supporting customers preparing for the NYDFS Cybersecurity Regulation. By helping organizations secure data, manage risk, and audit data handling processes, Valorr delivers practical solutions to a complex list of compliance requirements.

Our Approach

Our readiness assessment is built to align with regulatory requirements and enhanced with industry-recognized security frameworks, including the NIST CSF, NIST 800-53, CIS Top 20, and PCI DSS. We leverage an established capability maturity model index (CMMI) to objectively evaluate your program and provide realistic maturity rankings across industry standards.

Phase 1:

Project Planning and Kick-Off

During Phase 1, the Valorr team collaborates with you to establish the objectives and scope for this engagement, as well as communication methods and a cadence for status reporting. Following this initial step, we coordinate document and interview requests with your team.

Phase 2:

Program Analysis

During Phase 2, our team holds both on-site and remote discovery sessions with key stakeholder and subject matter experts within your organization. Following this step, our team builds a current state gap analysis of your policies, procedures and technologies against industry standards. Using our Capability Maturity Model, we evaluate each domain across your security program. As a result of this analysis, we are able to identify process inefficiencies and areas for improvement.

Phase 3:

Strategic Roadmap

In the final phase of the Valorr assessment, our team communicates the findings of our analysis to your leadership team, helping you gain executive buy-in for the most immediate risks facing your organization.

During this phase, we establish achievable target cyber maturity goals for your program, provide future state recommendations and deliver an action-based roadmap for short-term and long term cyber maturity.

Alignment across cybersecurity priorities, organizational objectives and policies.
Improved decision-making around the level of risk associated with the current business environment.
More efficient resource allocation
Increased investment in future projects

Different From the Rest

At Valor, we take a different approach to implementing and managing cybersecurity.

Actionable Deliverables

Our assessment process doesn't just point out your weaknesses and the urgent need for change. It provides clear, action-based guidance for addressing key security risks and improving your overall risk posture.

Ongoing Support

We never deliver a report and leave our partners, we often stay onboard to help them implement our recommendations and mature their programs. We work hard to collaboratively help execute your strategic roadmap.

End-to-End Services

Valor provides a full lifecycle suite of services and end to end support services. We have experts in security program development, data privacy and business resilience to help you improve across all risk domains.

Have A Question?

Valor is excited to take on your biggest business risk challenges. Please complete this short form and we will get in touch with you.

Is Your Business and Brand Protected From cyber threats?

Featured

Why Not Cyber-Protecting Your Business Could Lead to It’s Demise

Company

Featured

Driving Your Growth Forward: Cybersecurity as a Business Enabler

Industries

Featured

Why Choosing The Right Cybersecurity Partner Matters

Solutions

Featured

Download Our FREE 2022 Annual Report

Insights

NYDFS Readiness

NYDFS Readiness Assessment

Our Approach

Phase 1:

Project Planning and Kick-Off

Phase 2:

Program Analysis

Phase 3:

Strategic Roadmap

Different From the Rest

Actionable Deliverables

Ongoing Support

End-to-End Services

Have A Question?

Featured Insights

Why PE/VC General Partners Have Growing Concerns Around Cybersecurity and What They Can Do About It

Why Valorr, Why Now?

CMMC Explained: Understanding DoD’s Latest Cybersecurity Contracting Standard