2025 New York Department of Financial Services (NYDFS) Reporting Reminder

The team at Avalon just wanted to remind you that the New York Department of Financial Services (NYDFS) cybersecurity regulation deadline is fast approaching. As part of NYDFS Cybersecurity Regulation 23 NYCRR 500, companies regulated by NYDFS are required to complete and file their annual cybersecurity compliance certification with the department.

Deadline: The filing deadline for the Notice of Compliance is April 15, 2025.

Key points to remember:

  • Ensure your cybersecurity program complies with the requirements outlined in 23 NYCRR 500.
  • If you are not fully compliant with each section, you are still required to submit a notice of material non-compliance with associated remediation timelines.
  • Complete and file the Notice of Compliance by the deadline.
  • Review your risk assessments, incident response plans, and cybersecurity policies to ensure they are up to date.

Please take action promptly to avoid penalties and ensure full compliance. If you need assistance or have questions regarding the filing process, contact the experts at Avalon today.
