• Twitter
  • Facebook
  • Linkedin
  • Customer Support
844-4-SEDARA | [email protected]
Sedara
  • Services
    • Risk Assessments
    • Penetration Testing
    • Virtual CISO
    • Managed Security
  • Compliance
    • 23 NYCRR 500
    • GDPR
    • HIPAA
    • NERC CIP
    • NIST SP 800-37
    • NIST 800-53
    • NIST 800-171
    • PCI DSS
    • SARBANES OXLEY
    • File Integrity Monitoring
  • Managed Security
    • SIEM
    • MDR
    • Endpoint
    • Firewall – The Perimeter
    • Log Management
    • Phishing Training
  • Who We Are
    • About Us
    • Partners
    • Contact
    • Newsroom
    • Careers
  • Resources
    • Library
    • Blog
    • Best Practices Guide
    • Case-Studies
    • Webinars
    • Whitepapers
    • GitHub

Managed Security

We provide the expertise and manpower to keep you safe.

CONTACT US

23 NYCRR 500


This regulation sets cybersecurity requirements for financial service entities that operate in New York State. With malicious actors using increasingly sophisticated attempts to breach systems and seize data, the amount of cybersecurity regulations will continue to snowball.

Guide to DSF500

The general purpose of the regulation is to ensure that financial service entities do their due diligence to effectively protect their customers and information systems from cyber attacks.

ARE YOU EXEMPT?

If you fit any of the following criteria you qualify for a Limited Exemption. This doesn’t eliminate ALL of your compliance needs but it reduces your obligations.

  • Fewer than 10 employees(Including independent contractors)
  • Less than $10 Million in year-end total assets
  • Less than $5 million in gross revenue

Instructions on filing a notice of exemption.

What Are the Deadlines?

  • August 28th is the initial deadline for the first section of technical requirements.
  • September 28th 2017 is the deadline for filing a notice of exemption.
  • February 15th 2018 is the deadline for the first certification of compliance.
  • March 1st 2018 is the deadline for the second round of technical requirements.
  • September 3rd 2018 is the deadline for the third round of technical requirements.

Click here for the 23 NYCRR 500 Compliance Starting Guide

credit card

Blog Posts

financial cybersecurity

Beginners Guide: 23 NYCRR 500 Compliance

July 5, 2017/0 Comments/in 23 NYCRR 500, Compliance, Resources /by Julian Anjorin
Read more
https://www.sedarasecurity.com/wp-content/uploads/2017/07/dfs500pic.png 2985 4807 Julian Anjorin https://www.sedarasecurity.com/wp-content/uploads/2014/04/SEDARA_LOGO_COLOR_FINAL2-300x55.png Julian Anjorin2017-07-05 19:53:372019-07-23 15:16:54Beginners Guide: 23 NYCRR 500 Compliance
Page 3 of 3123

23NYCRR500 deadlines and exemptions

Do you have any questions or need help with these regulations?

GET COMPLIANT
  • 23 NYCRR 500
  • GDPR
  • HIPAA
  • NERC CIP
  • NIST 800-53
  • PCI DSS
  • SARBANES OXLEY

Connect With Us

Locations

77 Goodell Street
Buffalo, NY

Latest News

  • NIST 800-171How you can comply with the 100+ security requirements in NIST 800-171June 5, 2019 - 4:43 pm
  • GLBA complianceIncoming: Proposed Changes to GLBA Cybersecurity RequirementsMay 24, 2019 - 1:40 am
  • NIST SP800-171 Rev2Mitigating Cybersecurity Risks & Compliance with NIST SP 800-37 Revision 2April 30, 2019 - 8:39 pm

Managed Security Services

  • Managed Security
  • Compliance
  • Who We Are
  • Resources
  • Blog
  • Contact

Contact Us

[email protected]

+1 (844) 4-Sedara

Current Customers

  • Customer Support
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Read More
Privacy & Cookies Policy

Necessary Always Enabled

Non-necessary

Scroll to top