New York State Department of Financial Services (NYSDFS) has proposed several changes to the existing 23 NYCRR Part 500 – Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). They include items such as: Classification of “Class A”…

This blog was written and produced by Nick Cozzolino, CISSP, Director of Information Security at The Bonadio Group. FoxPointe Solutions is The Bonadio Group's dedicated cybersecurity division. Looking to get in touch with Nick? Reach out today: Nick Cozzolino ncozzolino@bonadio.com. “Data is…

Since the regulation came into effect in March 2019, the New York State Department of Financial Services (DFS) continues to strengthen the way that it enforces the Cybersecurity Regulation 23 NYCRR Part 500. With 23 distinct sections of the regulation, DFS requires a comprehensive cybersecurity…

On April 2, 2021, it was confirmed that a malicious user published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The information, spanning from users across the globe, includes phone numbers, user IDs, full names, locations, birthdates, and some email…

An updated cybersecurity law that the IT organization (along with other college/university departments) will need to continue to integrate into its compliance programs, policies, and controls is the recent changes to New York’s General Business Law 899-aa and 899-bb (aka SHIELD Act). The…

This post originally appeared on Security Magazine. Ensuring the confidentiality, integrity, and availability of information must be at the forefront of any business in today’s environment. While many think they are up to this task, there’s a lot that goes into protecting data.…