Written March 1, 2017, the New York Financial Services Cybersecurity Regulations have been developed to address significant cybersecurity threats to the financial services industry. The regulations prescribe certain standards for a financial service company’s (“regulated entity” or “Covered Entity”) cybersecurity program for the purpose of promoting protection of customer information and protecting regulated information systems.
How We Can Help
The whitepaper below provides a detailed overview of the requirements outlined in 23 NYCRR 500 (pages 1-4) as well as a detailed roadmap toward compliance (page 5). Our team of dedicated security and compliance consultants and researchers can help you develop and implement a roadmap to compliance. Speak with a security professional by contacting us.
1| Requires a detailed risk assessment
2| Requires a CISO (or equivilent) that reports to the board of directors
3| Requires a written and implemented cybersecurity program
4| Requires various technical and non-technical mechanisms in place to support cybersecurity program
5| Tiered effective dates for implementation of various parts of regulation
6| All of this information and a detailed path to compliance are detailed in the whitepaper