🔒

NYDFS Cybersecurity Checklist

Identify the business's Key Internal Operations

Identify the infrastructure for potential vulnerabilities

Conduct a risk assessment for cybersecurity threats

Create a Cybersecurity policy tailored to your organization

Approval: Cybersecurity Policy

Develop an Incident Response Plan

Implement cybersecurity controls from policies and procedures

Establish a cybersecurity training program for employees

Install appropriate cybersecurity software

Perform system and software security updates regularly

Conduct regular scans and penetration testing of systems

Ensure secure hardware disposal procedures

Approval: Hardware Disposal Procedure

Monitor system logs for suspicious behavior

Encrypt data at rest and in transit

Implement a secure backup and recovery plan

Approval: Backup and Recovery Plan

Review and update cybersecurity policies and procedures regularly

Conduct an annual audit of cybersecurity practices

Approval: Annual Cybersecurity Audit Summary

Identify the business's Key Internal Operations

Identify the key internal operations of the business. This involves identifying the core functions and processes that are critical to the operation of your organization. Understanding these key operations will help prioritize cybersecurity efforts and ensure that adequate protection measures are in place. What are the main areas of your business that need to be protected?

Main areas of the business

Key internal operations