All Articles

REMINDER: 4 DAYS Left to File Your NYS DFS Exemption

Let the Digital Edge Cybersecurity Team keep your business in compliance!

The Digital Edge Cybersecurity Team would like to remind you that exemption filing for the  New York State Department of Financial Services’ (DFS) 500 Mandatory Cybersecurity is due on August 28, 2017.

Filing for this limited exemption only needs to be filed one time. In the future, if your organization no longer qualifies for the limited exemption as of your most recent fiscal year you would then have 180 days to comply with all applicable requirements of the regulation.  

Read our step-by-step guide on how to file this exemption HERE!

Let the Digital Edge Cyber Security Team ease the burden of implementing the NYDFS Cybersecurity Regulations that are still required under your exemption. Contact our Sales Team for your free assessment and align yourself with compliance today!

Today’s model and mindset is that it seems that you can assemble anything using services provided by different companies and it will be solid. Those services are like parts of LEGO. 

AWS could be like a LEGO. Kids are playing with it. You can make functional things. You can build a house out of LEGO. Is this the best tooling for building a house? Maybe, it is simple. A kids can do it. If you have enough LEGO a kid can build a house. Would it survive many summers and winters, hurricanes, maybe yes, maybe not. Depends how much engineering experience the builder has. A bad engineer may build a bad house out of good old time bricks and a good engineer can make a great house of LEGO. However if you want to build a rocket, you need an “enterprise” class LEGO. You can use one from ToysRs but at least you have to engineer your solution. 

Today’s simplicity is a good thing, a bad thing and a scary thing. 

On July 31, 2017, the Department of Financial Services (DFS) has launched a new online portal to securely transmit in real time all notifications required under New York’s first-in-the-nation cybersecurity regulation. If you need assistance with registration or with any or all components of this cybersecurity framework, the Digital Edge team is available to meet your compliance needs! 

“With DFS’s leading cybersecurity regulation, the DFS cyber portal will allow New York’s financial institutions to quickly, easily, and securely report cybersecurity events and file required certifications of compliance, ensuring that the necessary safeguards are in place to protect New York consumers and financial institutions as the threat of cyber-attacks continues to increase.” - Superintendent Maria Vullo, Department of Financial Services

Filings made through the DFS Web Portal are preferred to alternative filing mechanisms as the DFS Web Portal provides a paperless reporting tool to facilitate compliance with the DFS cybersecurity regulation. Learn more about the New only DFS Cybersecurity Reporting Portal here.

Let the Digital Edge Cyber Security Team ease the burden of implementing the robust NYDFS Cybersecurity Regulation. Contact our Sales Team for your free assessment and align yourself with DFS compliance today

It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.

The law will produce large penalties if your company is found not in compliance and Digital Edge’s Solution is here to help avoid those hefty fines.  

To Do List:

1. Determine if you are regulated; to see how please click here.
2. Determine if you are eligible for any of the 5 possible exemptions; to review the exceptions click here.
3. If you are eligible for exemption, you must file the Cyber Security Notice of Exception by September 27, 2017. 
4. Depending on your exemption category, you may still need to build a cyber security system. Click here to see how Digital Edge can help you. 
5. By August 28, 2017, covered entities must be in compliance. 
6. February 15, 2018, covered entities must submit first Certification of Compliance. 
    

On March 1, 2017, the New York State Department of Financial Services’ (DFS) mandatory cybersecurity requirements for financial services entities became effective, with implementation to occur within 180 days (August 28, 2017). Let the Digital Edge Cybersecurity Team keep your business in compliance!

At a high level, the regulation requires that all covered entities:

• Conduct a documented risk assessment
• Establish a risk-based cybersecurity program
• Adopt a written cybersecurity policy
• Designate a qualified CISO
• Implement written third-party cyber risk policies
• Establish a written incident response plan
• Notify the superintendent of DFS of any cybersecurity events
• Submit an annual certification of compliance

It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.  To learn more about this mandatory compliance regulations, please read our most recent whitepaper entitled “DFS Compliance – Mandatory  Cybersecurity Regulations” 
 
Digital Edge DFS Cybersecurity Solution
 
The Digital Edge Cybersecurity Team is well-versed in the DFS regulation.  We are ready to help companies mitigate risk and ensure compliance with all aspects of the DFS regulation! Contact us today to further explore how our team can provide your business with an unparalleled cybersecurity solution, with our continued focus on Stability, Security, Efficiency and Compliance. 

A brief message from the Digital Edge Security Team: 

1. All Digital Edge’s clients are patched and safe. If you are not Digital Edge client and feel that you may need assistance please contact us. 
2. If you are affected by Ransom.Petya, do not pay the ransom and speak immediately to the Digital Edge Security Team. Further analysis of the cryptolocker, revealed that data retrieval is possible without paying ransom. Please contact our Security Team if you need an assistance with recovering and removing Ransom.Petya. 
    

In an effort to help organizations to better assess candidates, their level of expertise and knowledge of relevant subjects, Digital Edge and Appcore Solutions (https://appcoresolutions.com/) have designed and built an IT Skills Assessment Platform.

This platform gives organizations the ability to create custom tailored online tests for each job opening. Additionally, this system also allows your organization to invite your candidates to take relevant tests and preview the results. 

Currently, Digital Edge utilizes this system to pre-screen candidates before an initial face-to-face meeting. We invite you to take a test drive and share your opinion about the system, its concepts and features.

We invite you to take a test drive and share your opinion about the system, its concepts and features.

Please try the system:

www.perfectknowledge.com

Please click the link below to get more details and access to the system!

Read more about the platform here. 

Traffic analytical tools can cause unintentional sensitive information disclosure.  

Most of precisely targeted attacks on IT infrastructures are originated from outside of security perimeters of the victimized organizations. However, the security openings allowing cyber attackers to breach security mechanisms overwhelmingly originated either with unintentional help of insiders or disclosure of sensitive information. 

Read more on this subject and how the Digital Edge Security Team helps clients mitigate or prevent these risks.

There is a great relief for the many companies which still use legacy systems that are no longer supported by the manufacturer, as the case with Windows XP and Windows Server 2003 - Microsoft is including these operating systems in the updates to patch for the existing vulnerabilities exposed in this attack. For those customers who still have legacy systems, this is vital to protect their overall customer ecosystem.
 
Download English language security updates for: 

• Windows Server 2003 SP2 x64
• Windows Server 2003 SP2 x86 
• Windows XP SP2 x64
• Windows XP SP3 x86 
• Windows XP Embedded SP3 x86
• Windows 8 x86
• Windows 8 x64

To download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598