risk assessor

Confessions of a Risk Assessor: 6 Things to Know Before a Cyber Security Assessment

If you asked me what the first item of business would be for me as a new CISO or CIO in an organization, my answer would be to perform a cyber security risk assessment to improve overall security management. Actually, I’d probably install an espresso maker, but risk assessments would be a close second. Having a risk assessment done involves identifying… Read More


August 28 Deadline Nears for 23 NYCRR 500: Can You Pass the Compliance Test?

Less than three weeks remain for New York financial service companies to meet the initial cyber 23 NYCRR 500 security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply. Whether… Read More


New York’s Proposed Cyber Security Rules Could Have Far-reaching Effects on Banks, Insurers, and Other Financial Firms

The New York State Department of Financial Services (NYDFS) has recently proposed a detailed and wide-ranging set of cyber security regulations for insurers, banks, and other regulated financial entities. While the proposed requirements do not spell out what means may be used to enforce the requirements, nor possible penalties, the NYDFS has broad criminal and civil… Read More