Reg 500 Plan

The New York State Department of Financial Services (DFS) has issued cybersecurity regulations that require minimum standards for protecting the customer information and information systems of the financial services industry. First Watch has assembled some critical tools and resources to help you achieve Reg 500 compliance. In addition, your plan includes data breach risk mitigation. Therefore we back our plan with cyber liability insurance for data security event expenses.

Core Benefits	Reg 500 Plan
Regulation 500 Compliance Tools
Policy Wizard	✔
Compliance Checklist & Due Dates	✔
Legal Consult	✔
Email Reminders	✔
Cyber Liability Insurance*	$100,000 (annual aggregate - zero retention - no underwriting)
Defense & Settlement or Judgment	✔
Regulatory Fines & Penalties (including PCI)	✔
Mandatory Forensic Examination	✔
Notification	✔
Call Center	✔
Forensics	✔
Credit & Identity Monitoring	✔
Public Relations	✔
Associated Legal Expenses	✔
Ransomware Sublimit $10,000	✔
Telecommunications Theft Sublimit $10,000	✔
Social Engineering Fraud Sublimit $10,000	✔
Compliance Tools and Breach Prevention(with periodic updates)
Organizational Data Breach Online Risk Assessment	✔
Operational Data Breach Online Risk Assessment	✔
Data Breach Articles & Commentary	✔
Sample Policies & Procedures	✔
HIPAA Pre-Breach Resources	✔
State Legislative Resources	✔
Data Breach Preparedness
Breach Tabletop Exercises	✔
Data Breach Reaction Guide	✔
Data Breach Reaction Services
Legal Consultation (Data Breach)	✔
Forensic Investigation	✔
Notification Letters - Print and Email	✔
Call Center Assistance	✔
Identity Protection	✔
Public Relations	✔
Data Breach Security Employee Training Videos (with online quizzes)
Ten Training Videos	✔
Six Month Review	✔
Phishing Intrusion Simulation Testing
Initial Baseline Test	✔
Periodic Testing	✔
Pre-breach Legal Hotline Access
Data Security Attorney Hotline	✔

---

* First Watch Risk Protection benefits are backed by an insurance policy issued by a member company of American International Group, Inc (AIG) to First Watch Technologies, Inc. Purchasers of the Reg 500 Plan receive this benefit from First Watch and are not insureds under the insurance policy. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the benefits described. Please refer to the Summary of Benefits for details.

**This is a brief coverage summary, not a legal contract. The actual policy should be reviewed for specific terms, conditions, limitations, and exclusions that will govern in the event of a loss. Extended 60 day reporting period applies.