By
Jill Martucci

As covered in our previous article, the New York Department of Financial Services (NYDFS) updated its Cybersecurity Regulation in 2023. To help entities roll out the changes and new requirements, they have provided phased timelines for when these items must be implemented by.

You may have heard the saying: “Change is the only constant in life.” This is certainly true of the information technology industry, which in turn, has a ripple effect on the technology, services, risk, and regulatory requirements that impact your organization and its environment.

In February 2024, the National Institute of Standards and Technology (NIST) released Version 2.0 of the Cybersecurity Framework (CSF or the Framework) which is the first significant update to the Framework since 2014 when it was first created.

There are over 33 million small or medium-sized businesses (SMBs) in the U.S. – making up over 99% of all U.S. companies – and recovering from a cyberattack can be costly to these businesses.

Avalon Cyber previously reported on proposed changes that may have a significant impact on the current 23 NYCRR Part 500 – Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500) released by the New York State Department of Financial Services (NYSDFS).

There has been a lot of talk recently about artificial intelligence (AI), especially around ChatGPT, a chatbot which interacts in a conversational way. As a broad category, AI is the simulation of human processes by machines and computer systems. A few business use cases may include leveraging AI to provide fast and accurate response for customer inquiries, assisting with topic research, or...

In January, the National Institute of Standards and Technology (NIST) released a concept paper as they work to draft the Cybersecurity Framework (CSF or Framework) 2.0, an update to the current 1.1 Framework that was last updated in 2018, as well as associated resources such as websites, mappings, and related guidance. The purpose of the CSF is to provide guidance to organizations to better...

As the number and severity of cyber threats and attacks continues to rise, it’s more important than ever to make sure your organization is cyber ready. Safeguarding your environment, including the systems and data within, will both reduce risk and promote business operation continuity and security.

On July 29, 2022, the New York State Department of Financial Services (NYSDFS) released proposed changes that may have a significant impact on the current 23 NYCRR Part 500 – Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). Part 500, a regulation establishing cybersecurity requirements for financial services companies, was declared by the...

The weather is changing, and spring is upon us. Each year around this time, many people tend to do a thorough cleaning of their home and maybe tackle a few home improvement projects before summer arrives. We cannot forget to do the same maintenance and enhancements to our cybersecurity program. To assist you, we created this basic cybersecurity “to-do” list to ensure that you are being proactive...