What is a Risk Assessment?
If you take a step back and really boil down 23 NYCRR 500, it would be fair to say that the primary requirement is to develop a Cybersecurity Program to protect unauthorized access of Nonpublic Information (NPI). Yes, there are more detailed requirements than that, which we’ve covered in previous blog posts, but the ultimate…