Contact Us

Equifax Breach Begs the Question: Are Financial Service Companies in New York Safe from Cyber Attack?

Full IT Audit Provides Better Insights for 23 NYCRR Part 500 Than Simple Risk Assessment
    NEW YORK, NY, November 15, 2017 /24-7PressRelease/ -- The recent Equifax breach underscores the importance of cybersecurity for all financial services companies. In New York, the Department of Financial Services' (DFS) new 23 NYCRR Part 500 regulation is now in effect to protect companies against such cyberattacks.

Many, however, do not understand how to develop their own cybersecurity programs as described in the regulation. One misconception of the regulation is that a risk assessment alone is sufficient to accurately determine preparedness for cyberattacks.

"Risk assessments are important, but we recommend that they be part of a larger IT audit," said Sam Vohra, vice president and co-founder of CompCiti Business Solutions, a cybersecurity and networking services company in New York City. "The new regulations are complex and require a lot of planning. A comprehensive IT audit provides you with a better picture of your current cybersecurity effectiveness and at the same time helps you fulfill requirements detailed in other sections."

A shortcoming of simple risk assessments is that they do not provide a company with all the information it needs to understand the effectiveness and state of its current cybersecurity efforts. A full IT audit, on the other hand, does so. For instance, section 500.05 of the regulation calls for penetration testing and vulnerability assessments, and a full IT audit includes these.

"The DFS has created an incredible document here with its new cybersecurity requirements for financial services companies. In many ways, it is a blueprint for building a solid cybersecurity program. We want to help our financial services clients become compliant with 23 NYCRR Part 500 effectively and efficiently. Just as importantly, we want to ensure that their clients' data is fully secured against cybercriminals and cyberthreats, and that it is also secured against power failures, natural disasters, and other risks," Vohra said.

CompCiti provides a wide range of services that include providing its clients with an initial IT audit, helping its clients come into compliance with 23 NYCRR Part 500, and delivering its clients chief information security officer (CISO) services

"The CISO is an important part of the regulation," Vohra said. "I think that many companies are glad that the DFS allows this position to be filled by a third-party IT professional who understands the regulation well. CompCiti ensures full compliance and provides its clients with a higher level of cybersecurity than they likely would have had otherwise."

The 23 NYCRR Part 500 regulation went into effect on August 28, 2017. All financial services companies operating in New York State must meet these new regulations. CompCiti offers a no-obligation compliance assessment at: https://compciti.com/nycrr/

About CompCiti
CompCiti Business Solutions, Inc., provides its clients what few other IT companies in New York can: expertise and insights developed since business networking began. CompCiti's focus on cybersecurity and cyber management services set it above other business networking services. CompCiti secures networks and other IT systems against all cyberthreats, including viruses, hackers, and ransomware. Cybersecurity, networking, and managed IT services, all supported by 24/7 emergency service since 1996. CompCiti is a Microsoft Silver Certified partner. CompCiti.com | (212) 594-4374


# # #

Read more Press Releases from Sam Vohra:


Comment on this story...

Share This Story


Email this Story

Contact Information


Sam Vohra
CompCiti Business Solutions, Inc.

New York, New York
USA
Voice: (212) 594-4374
E-Mail: Email Us Here
Website: Visit Our Website

Like This Story?


I like it! 0

Disclaimer


If you have any questions regarding information in this press release, please contact the person listed in the contact module of this page. Please do not attempt to contact 24-7 Press Release Newswire. We are unable to assist you with any information regarding this release. 24-7 Press Release Newswire disclaims any content contained in this press release. Please see our complete Terms of Service disclaimer for more information.