Reg 500 Plan
The New York State Department of Financial Services (DFS) has issued cybersecurity regulations that require minimum standards for protecting the customer information and information systems of the financial services industry. First Watch has assembled some critical tools and resources to help you achieve Reg 500 compliance. In addition, your plan includes data breach risk mitigation. Therefore we back our plan with cyber liability insurance for data security event expenses.
Core Benefits | Reg 500 Plan |
---|---|
Regulation 500 Compliance Tools | |
Policy Wizard | ✔ |
Compliance Checklist & Due Dates | ✔ |
Legal Consult | ✔ |
Email Reminders | ✔ |
Cyber Liability Insurance* | $100,000 (annual aggregate - zero retention - no underwriting) |
Defense & Settlement or Judgment | ✔ |
Regulatory Fines & Penalties (including PCI) | ✔ |
Mandatory Forensic Examination | ✔ |
Notification | ✔ |
Call Center | ✔ |
Forensics | ✔ |
Credit & Identity Monitoring | ✔ |
Public Relations | ✔ |
Associated Legal Expenses | ✔ |
Ransomware Sublimit $10,000 | ✔ |
Telecommunications Theft Sublimit $10,000 | ✔ |
Social Engineering Fraud Sublimit $10,000 | ✔ |
Compliance Tools and Breach Prevention(with periodic updates) | |
Organizational Data Breach Online Risk Assessment | ✔ |
Operational Data Breach Online Risk Assessment | ✔ |
Data Breach Articles & Commentary | ✔ |
Sample Policies & Procedures | ✔ |
HIPAA Pre-Breach Resources | ✔ |
State Legislative Resources | ✔ |
Data Breach Preparedness | |
Breach Tabletop Exercises | ✔ | Data Breach Reaction Guide | ✔ |
Data Breach Reaction Services | |
Legal Consultation (Data Breach) | ✔ |
Forensic Investigation | ✔ |
Notification Letters - Print and Email | ✔ |
Call Center Assistance | ✔ |
Identity Protection | ✔ |
Public Relations | ✔ |
Data Breach Security Employee Training Videos (with online quizzes) | |
Ten Training Videos | ✔ |
Six Month Review | ✔ |
Phishing Intrusion Simulation Testing | |
Initial Baseline Test | ✔ |
Periodic Testing | ✔ |
Pre-breach Legal Hotline Access | |
Data Security Attorney Hotline | ✔ |
**This is a brief coverage summary, not a legal contract. The actual policy should be reviewed for specific terms, conditions, limitations, and exclusions that will govern in the event of a loss. Extended 60 day reporting period applies.