Part 5 of 5: Comprehensive Compliance and Security with CDML With the increasing complexity of cybersecurity threats, achieving and maintaining compliance with 23 NYCRR 500, WISP, PCI DSS, and the NY SHIELD Act is an ongoing challenge for financial firms. From Risk Management to Disaster Recovery (DR) and Incident Response (IR) Plans, each component of […]
Part 4 of 5: Disaster Recovery (DR) and Incident Response (IR) Plans For financial firms, the ability to respond effectively to a cyber incident can make all the difference in safeguarding client data and ensuring continuity. Disaster Recovery (DR) and Incident Response (IR) Plans are critical components of 23 NYCRR 500, PCI DSS, and NY […]
Part 3 of 5: Risk Management, Encryption, and Continuous Monitoring For financial organizations, securing sensitive client data requires more than basic protections. 23 NYCRR 500 mandates proactive and continuous oversight, while PCI DSS requires specific measures to safeguard credit card data for businesses that accept card payments. Together, Risk Management, Encryption, and Continuous Monitoring play […]
Part 2 of 5: The Written Information Security Program (WISP) and Data Access Controls For financial professionals in New York, securing sensitive data isn’t just a best practice; it’s a legal obligation. 23 NYCRR 500, the NY SHIELD Act, and WISP—as defined in the Gramm-Leach-Bliley Act—all require organizations to maintain comprehensive data security protocols. Establishing […]
Part 1 of 5: Topic Overview and Understanding 23 NYCRR 500 Financial organizations in New York—especially smaller firms like CPA offices, insurance brokers, mortgage brokers, financial advisors, credit unions, and other financial service providers—are under increasing pressure to protect client data. As cyber threats grow more sophisticated, state and federal regulations mandate stringent data protection […]
In today’s digital landscape, cybersecurity threats are continually evolving, with new tactics targeting businesses and their customers. At CDML Computer Services, we prioritize keeping our clients informed about potential risks. One deceptive tactic to be aware of is typosquatting—a form of cybercrime where criminals register domains that mimic legitimate businesses, with slight misspellings in the […]
A new and sophisticated cybersecurity threat has emerged, targeting businesses and individuals through seemingly legitimate DocuSign emails. This blog post aims to raise awareness about this scam and provide essential tips to protect yourself and your organization. Understanding the Threat Cybercriminals are exploiting DocuSign’s APIs to send fake invoices that appear genuine. Unlike traditional phishing […]
In the constant battle between cybersecurity professionals and cybercriminals, even protective measures can be exploited. A new campaign, known as ClickFix, has found a way to manipulate Google Chrome’s Phishing Warning feature, turning a once-reliable safeguard into a new threat vector. Since its emergence in September 2024, ClickFix has been actively used to distribute malware, […]
© Copyright 2025 CDML Computer Services, Ltd. All Rights Reserved.
