Cybersecurity poses a complex challenge for banking, finance and insurance companies. And the challenge continues to grow while firms attempt to stay out of the headlines, meet compliance standards and cost-justify security.
This increased sensitivity to the high costs and long-term consequences of data breaches led the state of New York to develop a set of cybersecurity requirements, 23 NYCRR 500, for the financial industry. Now it’s time to devise a strategy to meet these new sweeping regulations.
With TripleHelix®, Assured Enterprises built the most comprehensive risk assessment system available, which gives organizations the capability to quantify and to measure progress in their cybersecurity programs. TripleHelix® provides granular information to banking, finance and insurance professionals, plus it meets and exceeds all the requirements in the 23 NYCRR 500.
Virtually anyone in the United States and beyond doing business in New York State in these industries: banking, finance, financial services and insurance are mandated to comply with the NY regulations.
Businesses and organizations with 10+ employees or $5M or more in gross revenue for each of past three fiscal years or $10M or more in total assets (including affiliates) must comply with the NY Regulation.
Here are some of the main requirements coupled with the Assured solution or service that solves them.
SOURCE: 23 NYCRR 500: CYBERSECURITY REQUIREMENTS FOR FINANCIAL SERVICES COMPANIES
The TripleHelix® risk assessment system analyzes Cyber Maturity, Threats and Impacts. The correlation of these three security strands yields a proprietary CyberScore®, a three-digit cybersecurity score similar to a FICO® score, that allows the management team to benchmark and evaluate security readiness.
The Assured CyberScore® empowers CISOs to chart a recommended course for improvement with a focus on what is most important for the organization, not on the latest fad in the cybersecurity marketplace.
TripleHelix® captures thousands of data points which is far more comprehensive than any other assessment on the market. TripleHelix® is capable of measuring, not only technical risks, but risks resulting from policy and procedural gaps. In addition, TripleHelix® has a unique focus on insider threats.
With known software vulnerabilities accounting for some 80% of successful data breaches, Assured built their own deep software scanning tool to identify the vulnerabilities and to provide detailed remediation information.
Additional AssuredScanDKV® Features:
Is your organization subject to multiple compliance standards or regulations? Instead of having to go through the hassle, cost and time of conducting multiple assessments to address compliance requirements for your organization, TripleHelix® offers a one-stop, cost-effective comprehensive assessment with the option of delivering virtually any regulatory compliance cyber report into a customized, organization-specific Regulatory Compliance Dossier.
Whether you are in San Francisco, Chicago, London, Bahrain, Zurich, Singapore, Hong Kong or Sydney—you need Assured and TripleHelix®. Stop wasting your time and money on second-rate assessments.
Empower your organization with a comprehensive cybersecurity assessment and a Regulatory Compliance Dossier which includes reports that meet your unique compliance standards, guidelines and requirements. Use the dossier to target compliance before the regulator visits and to double-check the regulator’s accuracy.