This project assists with compliance with the New York Department of Financial Services (NYDFS) cybersecurity regulation (https://www.schellman.com/blog/cybersecurity/nydfs-cybersecurity-regulation-comprehensive-guide?utm_campaign=Weekly%20Read&utm_source=hs_email&utm_medium=email&utm_content=320311797&_hsenc=p2ANqtz-9IQ88EZyZzvRFL07_Qf252wjTKblCkEM4MPxtfMdW9bYZs56rJsy60JRRXOCkW4awDUZtf4W8LfsvfNHSRIqvpSqW4Sw). It will help many banking and capital markets customers create the reports they need to satisfy audit requirements. It will leverage Microsoft security tools such as Purview, Entra and others.
Goal: Create a Power BI dashboard that shows detailed compliance data for the New York Department of Financial Services regulation.
Regulation: The NYDFS Cybersecurity Regulation: A Comprehensive Guide (schellman.com)
Design: Create a prototype of at least two items in the regulation:

500.7 Access Privileges
Limit user access privileges to Information Systems that provide access to nonpublic information (NPI) and periodically review such access privileges.
- Provide a list of users having access to nonpublic information
- Provide access review information for these users (who approved the request)
- Get data from the Entra admin portal using the Graph API

500.16 Incident Response Plan
Develop an incident response plan to promptly respond to and recover from cybersecurity events.
- Provide incidents and events and the recovery timeline
- Get data from the Defender portal using the Graph API

Leverage Security Copilot (AI) wherever possible.
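
For the 500.7 item, an added example (not part of this project's own code) of turning access review decisions into rows a Power BI table can load, including who approved each user's access. The input is a constructed sample that uses field names from the Microsoft Graph accessReviewInstanceDecisionItem resource; the resource name, the 90-day review window and the finding labels are assumptions.

```python
import csv, io
from datetime import datetime, timezone

def _item(upn, decision, reviewer, when):
    # One constructed record using accessReviewInstanceDecisionItem field names.
    return {"principal": {"userPrincipalName": upn}, "decision": decision,
            "resource": {"displayName": "NPI-Loan-Database"},  # hypothetical name
            "reviewedBy": {"userPrincipalName": reviewer}, "reviewedDateTime": when}

# Constructed sample shaped like one page of a Graph decisions response.
SAMPLE_PAGE = {"value": [
    _item("alice@contoso.example", "Approve", "carol@contoso.example", "2024-05-10T09:00:00Z"),
    _item("bob@contoso.example", "Approve", "carol@contoso.example", "2024-01-15T09:00:00Z"),
    _item("dave@contoso.example", "NotReviewed", "", None),
    _item("erin@contoso.example", "Deny", "carol@contoso.example", "2024-05-20T09:00:00Z"),
]}
FIELDS = ["user", "resource", "decision", "reviewed_by", "reviewed_on", "finding"]

def _ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None

def flatten_decisions(page, as_of, max_age_days=90):
    """Return one row per user/resource with the reviewer and a compliance finding."""
    rows = []
    for item in page.get("value", []):
        reviewed = _ts(item.get("reviewedDateTime"))
        decision = item.get("decision") or "NotReviewed"
        if decision == "NotReviewed" or reviewed is None:
            finding = "no review on record"
        elif decision != "Approve":
            finding = "access not approved"
        elif (as_of - reviewed).days > max_age_days:  # assumed review period
            finding = "review stale"
        else:
            finding = ""
        rows.append({
            "user": (item.get("principal") or {}).get("userPrincipalName", ""),
            "resource": (item.get("resource") or {}).get("displayName", ""),
            "decision": decision,
            "reviewed_by": (item.get("reviewedBy") or {}).get("userPrincipalName", ""),
            "reviewed_on": reviewed.date().isoformat() if reviewed else "",
            "finding": finding})
    return rows

def to_csv(rows):
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()
```

Rows with a non-empty finding are the ones an auditor will ask about: access that was never reviewed, was not approved, or was last approved outside the review window.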