FCI Announces Alignment with New NYDFS Cybersecurity Assessment Regulatory Requirements

FCI Announces Alignment with New NYDFS Cybersecurity Assessment Regulatory Requirements

By - 6 February 2024

FCI announces the alignment of its Cyber Safeguards and Technical Controls Assessment Services with the latest NYDFS Regulatory Requirements (Second Amendment to 23 NYCRR 500) and upcoming SEC updated regulation. In the past, regulations primarily emphasized well-known external network penetration testing and vulnerability scans. New threats have driven the need for broader penetration scans inside the walls. The new NYDFS requirements state that covered entities must conduct penetration testing at least annually from inside and outside information systems’ boundaries.


The amendments further necessitate automated scans of covered entities’ information systems, specifically designed to identify, analyze, and report vulnerabilities. These encompass a spectrum of systems such as corporate websites, portals, and cloud-based platforms.


SANS outlines that, “Part of the challenge organizations face when attempting to comply with these cybersecurity standards is understanding exactly what the requirements are asking an organization to accomplish and the definition of risk.”


To execute a thorough security risk assessment aligning with regulatory requirements, it is essential to
undertake two separate projects facilitated by two distinct service organizations:



Brian Edelman, FCI’s Founder and CEO, adds, “We work with the industry to clarify the difference across assessments. This separation of duties is critical to ensure checks and balances, leading to
improved client risk management.”

FCI Invites Advisors to Booth #520 to Learn More at the 2024 T3 Technology Conference January 22-25, 2024 at the Cosmopolitan of Las Vegas.


About FCI Cyber
FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Zero Trust Cybersecurity Compliance Enablement Technologies & Services to CISOs and security personnel of Financial Services organizations with prescriptive cybersecurity regulatory requirements. FCI blends best-of-breed technologies, cybersecurity best practices, expertise, and innovation to perform Security Assessments and deliver cloud-based Managed Endpoint and Network Protection. www.fcicyber.com

Media Contact: Kaitlyn Melendez (kmelendez@fcicyber.com)

Leave a Reply

Your email address will not be published. Required fields are marked *