This regulation sets cybersecurity requirements for financial service entities that operate in New York State. With malicious actors using increasingly sophisticated attempts to breach systems and seize data, the amount of cybersecurity regulations will continue to snowball.
The general purpose of the regulation is to ensure that financial service entities do their due diligence to effectively protect their customers and information systems from cyber attacks.
On March 1st of this year, the clock started ticking for compliance with 23 NYCRR 500 regulations. The Department of Financial Services put out this “first-in-the-nation” cybersecurity regulation due to the increase of consistency and sophistication of cyber attacks over recent years. Although a lot of what the new regulation is asking for is already […]