Skip to content

NYDFS Readiness

The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a new set of regulations from the NY Department of Financial Services (NYDFS) that places cybersecurity requirements on all covered financial institutions. The rules require covered institutions to develop and implement an effective cybersecurity program, assess their cybersecurity risks and develop plans to proactively address those risks.

NYDFS Readiness Assessment

In response to increasing cybersecurity risks to the financial institutions, in March 2017, the New York Department of Financial Services instituted 23 NYCRR 500, a cybersecurity regulation unlike any other. The regulation establishes minimum security requirements to protect financial institutions’ data and their customers from cyberattacks.

Building on over a decade of experience helping government, healthcare, finance, and wider enterprise organizations meet their data compliance requirements, Valorr is actively supporting customers preparing for the NYDFS Cybersecurity Regulation. By helping organizations secure data, manage risk, and audit data handling processes, Valorr delivers practical solutions to a complex list of compliance requirements.

Our Approach

Our readiness assessment is built to align with regulatory requirements and enhanced with industry-recognized security frameworks, including the NIST CSF, NIST 800-53, CIS Top 20, and PCI DSS. We leverage an established capability maturity model index (CMMI) to objectively evaluate your program and provide realistic maturity rankings across industry standards.

Phase 1:

Project Planning and Kick-Off

During Phase 1, the Valorr team collaborates with you to establish the objectives and scope for this engagement, as well as communication methods and a cadence for status reporting. Following this initial step, we coordinate document and interview requests with your team.

Different From the Rest

At Valor, we take a different approach to implementing and managing cybersecurity.

Actionable Deliverables

Our assessment process doesn't just point out your weaknesses and the urgent need for change. It provides clear, action-based guidance for addressing key security risks and improving your overall risk posture.

Ongoing Support

We never deliver a report and leave our partners, we often stay onboard to help them implement our recommendations and mature their programs. We work hard to collaboratively help execute your strategic roadmap.

End-to-End Services

Valor provides a full lifecycle suite of services and end to end support services. We have experts in security program development, data privacy and business resilience to help you improve across all risk domains.

Have A Question?

Valor is excited to take on your biggest business risk challenges. Please complete this short form and we will get in touch with you.