Penetration Testing Not Required For Limited Exempt Agencies

​We want to reaffirm to those of you who have limited exemptions under the New York cybersecurity regulation that it does not require you to perform network penetration testing.Some members have reported to us emails sent by  a cybersecurity services vendor. These messages stated that the New York State Department of Financial Services (DFS) is requiring all entities covered under the regulation, Cybersecurity Requirements for Financial Services Companies​, to perform regular penetration testing of their computer networks. The vendor has said that DFS is requiring covered entitites to do this, regardless of their size. The regulation defines "covered entity" as "any individual or any non-governmental entity operating under or required…

Continue ReadingPenetration Testing Not Required For Limited Exempt Agencies

Industry Roundup: April 22nd

The Basic C​​ybersecurity Controls That Every Company MUST HaveWhen it comes to cybersecurity, don't underestimate the importance of basic controls. You and your employees are exposed in the pandemic-induced work from home environment to new cyber risks, raising the stakes for cyber best practices and education. Cyber criminals seek out the lowest hanging fruit. They're attacking organizations without the most basic controls, such as those with insecure remote desktop protocol (RDP) and those that lack multi-factor authentication (MFA) for remote access or administrative access into corporate networks. Make sure your agency is promoting basic cybersecurity measures.Employee Ben​​​efits in 2021: 3 Trends for the 'Next Normal'Employee…

Continue ReadingIndustry Roundup: April 22nd

3, 2, 1 With Sue Keegan: Catalyit, handwritten notes, & your work-from-home uniform

​3 ThingsRead this new blog post from Tim regarding “Lessons From Recent DFS Cybersecurity Enforcement Actions”.Learn about CATALYIT – All the agency tech guidance you need … in one place !Get your nomination in now​ for an agent under age 40 who has displayed outstanding commitment to their clients, their agency and their industry.2 IdeasRegister now for our 2021 E&O Loss Control Seminar.  There will be some acting of the highest quality by some of your friends at Big I NY – you don’t want to miss this.Ditch an email for a hand-written note.  This idea came to me from Jim Petrie at Haylor, Freyer…

Continue Reading3, 2, 1 With Sue Keegan: Catalyit, handwritten notes, & your work-from-home uniform