{"id":513730,"date":"2024-02-29T09:00:00","date_gmt":"2024-02-29T14:00:00","guid":{"rendered":"https:\/\/www.commvault.com\/?p=513730"},"modified":"2024-03-04T12:31:02","modified_gmt":"2024-03-04T17:31:02","slug":"enhancing-cyber-resilience","status":"publish","type":"post","link":"https:\/\/www.commvault.com\/blogs\/enhancing-cyber-resilience","title":{"rendered":"Enhancing Cyber Resilience: A Deep Dive into Commvault Cloud Solutions for the Second Amendment to 23 NYCRR Part 500 Regulation"},"content":{"rendered":"\n
The New York Department of Financial Services (NYDFS) is proactively responding to escalating cyber threats with the Second Amendment to Chapter 23 of the New York Codes, Rules, and Regulations (23 NYCRR Part 500<\/a>). This amendment is a strategic move to fortify information and financial systems against the increasing prevalence and sophistication of cyberattacks. The call for additional controls to manage cyber risks cost-effectively is louder than ever.<\/p>\n\n\n\n As we dissect the intricacies of this regulatory change, it becomes apparent that organizations need more than a mere rulebook; they require a robust solution ready to confront cyber challenges head-on. This is where Commvault\u00ae Cloud, powered by Metallic\u00ae AI, enters the game to help meet regulatory requirements while elevating cyber resilience. Now is the time for organizations to embrace the future with Commvault Cloud.<\/p>\n\n\n\n Let’s delve into the critical sections of the amendment, exploring how Commvault Cloud innovative solutions align seamlessly with some key requirements.<\/p>\n\n\n\n Commvault Cloud\u2019s Risk Analysis<\/a> solution goes beyond traditional methods. It systematically identifies and categorizes sensitive data across on-premises and cloud locations. By scanning diverse data types, including images, Risk Analysis pinpoints redundant, obsolete, and trivial (ROT) data. It addresses issues related to data sprawl and duplication in addition to facilitating prompt risk assessment based on data sensitivity and impact. File access and privileges related to sensitive data can undergo thorough quick reviews for robust security measures and to intelligently inform the design of your cybersecurity program mandated by the amendment.<\/p>\n\n\n\n In addition to the Risk Analysis capabilities, Commvault Cloud introduces Security IQ<\/a> to furnish a comprehensive security posture dashboard. It provides a dynamic score to aid organizations in identifying and mitigating security risks. Commvault Cloud Threatwise<\/a> enhances further detection and monitoring capabilities by providing early detection of attempts to infect critical assets with malicious code. If activated, the Network Intelligence sensor actively monitors outbound threats and connections to botnets or malicious URLs and can assist in monitoring suspicious web traffic as required by the amendment as well.<\/p>\n\n\n\n Commvault Cloud goes beyond conventional access controls. It introduces zero-trust controls, including Multi-Factor Authentication (MFA), Multi-Partner Authorization (MPA), Privilege Access Management (PAM), Role-Based Access Control (RBAC) including granular security, and Security Assertion Mark-up Language (SAML). It also provides extensive audit logs when needed. These comprehensive security features finely tune access privileges to align with the highest security standards.<\/p>\n\n\n\n Commvault Cloud meets the best-in-class encryption requirements, aiding the secure transfer of data in-flight via authenticated channels and encrypted data at rest for secured storage. Leveraging FIPS 140-3 (AES 256) and through REST TLS 1.3 authenticated API calls over HTTPS it supports compliance with the industry-standard encryption outlined in the amendment.<\/p>\n\n\n\n With Commvault Cloud Threatwise, financial entities can receive early warning signals alerts using advanced deception techniques that can identify lateral movements in the network, reconnaissance, or attempts to infect backup workloads and production environments. Additionally, The Anomaly framework can send alerts on unusual file activity, aiding in threat identification within backups. Integrations with SIEM and XSOAR can assist in disabling data aging or users at risk. With Commvault Cloud Threatwise, financial entities can create decoys of servers, endpoints, financial decoys assets such as Swift & ATMs, networking equipment, and more, effectively mimicking financial entity assets. This proactive approach contributes to reducing response times, improving threat intelligence correlations and remediation, thus eventually assisting IRT to shorten the determination time for a cyber incident.<\/p>\n\n\n\n The amendment mandates: \u201cEach covered entity shall periodically, but at a minimum annually, test incident response and BCDR plans \u2026.\u201d Commvault Cloud Backup and Recovery capabilities, along with Commvault Cloud Auto Recovery<\/a>, Commvault Cloud Air Gap Protect<\/a>, and CommServe Recovery Validation Service provide a comprehensive and complete timely solution for this requirement. It simplifies the process for organizations to automate clean recovery of the backup infrastructure and application group recoveries, allowing periodic recovery testing in a clean environment in the cloud, which can be used for cyber forensics as well.<\/p>\n\n\n\nCyber Resilience through Intelligent Risk Analysis [Sections 500.9(a), 500.2(c)]<\/h4>\n\n\n\n
AI-Driven Monitoring and Training [Section 500.14(2)]<\/h4>\n\n\n\n
Zero-Trust Access Controls [Section 500.7(a)]<\/h4>\n\n\n\n
Advanced Encryption for Maximum Security [Section 500.15(a)]<\/h4>\n\n\n\n
Notice of cybersecurity event, Early Warning System, and Cyber Deception Techniques assisting with a cyber incident determination within 72 hours [Section 500.17(a)]<\/h4>\n\n\n\n
Incident response testing [Section 500.16]<\/h4>\n\n\n\n