Company's leadership publicly commits to the cybersecurity enhancement program |
|
|
|
|
Leadership's commitment is announced to all company staff |
|
|
|
|
Communications between the company and the 3rd party cybersecurity company are conducted via encrypted email |
|
|
|
|
A relationship is established with a 3rd party cybersecurity company |
|
|
|
|
The company begins a cybersecurity education program for all staff |
|
|
|
|
Company performs the MICC cybersecurity self-assessment |
|
|
|
|
Or engages 3rd party cybersecurity company to perform a cybersecurity assessment that is aligned with the ISO 27001 standard and the NY DFS regulation |
|
|
|
|
The company commits to a written cybersecurity improvement schedule |
|
|
|
|
The company iInstalls a SSL/TLS certificate on its website(s) |
|
|
|
|
The company deploys cybersecurity policies |
|
|
|
|
A 3rd party cybersecurity assessment is performed on the company's network and reviewed by our CISO |
|
|
|
|
The company increases security awareness training for all staff |
|
|
|
|
The company establishes a relationship with a qualified CISO internally or on a contract basis |
|
|
|
|
CyberCecurity, LLC performs various technical scans on the company's network and website |
|
|
|
|
The company implements a comprehensive security program equivalent to that required by the NY DFS reg |
|
|
|
|
The company commits to maintain security program at this level |
|
|
|
|