NYCRR 500 is a regulatory compliance standard that regulated the Financial Services Industry (FSI) in New York. This regulation mandates each institution have a cyber security program, Chief Information Security Officer (CISO), access controls, asset management, data governance, software development practices, annual certification of their compliance, and more.
The New York Department of Financial Services (NY DFS) is taking steps to strengthen the cyber security foundation of all financial services organizations within the state of New York and those that do business with them. On March 1, 23 NYCRR 500 went into effect, setting guidelines for cyber security practices within the New York’s Financial Services Industry including minimum standards for access control, breach remediation and the requirements for cybersecurity programs. The key date to keep in mind is September 1, 2017: that date marks the end of the 180 day period to comply with the guidelines set forth in 23 NYCRR 500.
New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever increasing threat of cyber-attacks. These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cyber-crimes.”
© 2022 Stealthbits Technologies, Inc.