Securing financial institution customer data

The New York Department of Financial Services (NYDFS) issued its Cybersecurity Regulation to require cybersecurity practices for financial institutions’ customer information and IT systems. These rules apply to financial institutions doing business in New York and that are regulated by NYDFS, with exceptions for small businesses. Organizations that are not compliant may face revocation of licensure, consent orders, or civil penalties ranging from $2,500 to $75,000 per day.

Below, learn more about NYDFS and how Rapid7 can help you achieve compliance goals.

NYDFS Cybersecurity Regulation

Maintain a cybersecurity program to protect information systems

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

Conduct regular security risk assessments

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

Implement safeguards and policies based on risks

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

Detect and respond to cybersecurity events

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

Monitor and test the cybersecurity program

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

Ensure security of applications

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

Train and oversee personnel and service providers

Read more

InsightVM & Managed VM
InsightIDR & MDR
InsightAppSec & Managed AppSec
InsightCloudSec
Metasploit
Consulting Services

NYDFS: Rapid7 Cybersecurity Regulation Guide

Learn how to tackle 9 key NYDFS cybersecurity requirements. Rapid7 can help you maintain a holistic, robust, and risk-based security program designed to safeguard sensitive customer financial data.