DFS 23 NYCRR 500 Compliance Assistance

NYS-DFS 23 NYCRR 500 Compliance Assistance

Contact Us

  1. Products & Services
  2. Risk Assessments & Testing
  3. DFS 23 NYCRR 500 Compliance Assistance

The New York State Department of Financial Services’ (“NYS-DFS”) New York State Law 23 NYCRR 500 Cybersecurity Requirements for Financial Services Companies (“23 NYCRR 500”) went into effect on March 1, 2017. 23 NYCRR 500 requires that firms meeting the regulation’s definition of “Covered Entity” have certain cybersecurity measures in place by the stipulated compliance dates. Among other requirements, firms will be required to self-certify their compliance with 23 NYCRR 500. The two-year transitional period ended on March 1, 2019.

HOW WE HELP

NYS-DFS 23 NYCRR 500 Readiness Assessment

For financial services firms that meet the regulation’s definition of Covered Entity, our team of experienced consultants can assist with assessing such firms’ readiness to comply with the requirements of 23 NYCRR 500. As part of such assessment, we will review your firm’s cybersecurity posture as you prepare for compliance with 23 NYCRR 500, and prepare a matrix of each of the 23 NYCRR 500 requirements that applies to your firm.

CISO Support Services

We can assist financial services firms with satisfying the 23 NYCRR 500 requirement to have a full-time Chief Information Security Officer (“CISO”) on staff. We can make available to your firm a dedicated senior consultant who can support your existing CISO by advising on the CISO functions and attending meetings, calls, emails, and/or conducting on-site visits.

NYS-DFS 23 NYCRR 500 RESOURCES

FAQs

NYS-DFS 23 NYCRR 500 FAQs

Get answers to FAQs including exemptions, penalties, and key compliance dates.

Download

Archived Webcast

NYS-DFS Cybersecurity Regulation: What You Need to Know

Uncover compliance requirements, important deadlines, and common misconceptions.

View Now

Want to learn more about our products and services?

 

Contact Us

LATEST BLOG POSTS

M&A Due Diligence and Portfolio Oversight: Minimizing Cyber and Privacy Risks During the Deal Lifecycle
May 30, 2019
M&A Due Diligence and Portfolio Oversight: Minimizing Cyber and Privacy Risks During the Deal Lifecycle
The Secret Ingredient for Effective Vendor Risk Management
May 30, 2019
The Secret Ingredient for Effective Vendor Risk Management
SEC’s OCIE Issues Risk Alert on Data Storage Security
May 28, 2019
Regulatory Cyber Alert: SEC’s OCIE Issues Risk Alert on Data Storage Security
SEC Conducting Cyber Compliance Examination Sweep of Registered Investment Advisers (RIAs)
May 22, 2019
Regulatory Cyber Alert: SEC Conducting Cyber Compliance Examination Sweep of Registered Investment Advisers (RIAs)
New Intel Chip Security Vulnerability
May 15, 2019
Cyber Alert: New Intel Chip Security Vulnerability
Surveillance Attack Discovered in WhatsApp
May 14, 2019
Cyber Alert: Surveillance Attack Discovered in WhatsApp; User Upgrade Strongly Recommended
Cost-Effective Cybersecurity Diligence Service for PE Investment Teams
April 24, 2019
ACA Aponix Launches Cost-Effective Cybersecurity Diligence Service for PE Investment Teams
Critical Vulnerability Discovered in Internet Explorer
April 18, 2019
Cyber Alert: Critical Vulnerability Discovered in Internet Explorer
Vulnerabilities Discovered in VPN Applications
April 12, 2019
Cyber Alert: Vulnerabilities Discovered in VPN Applications

more from the blog >

Subscribe

Sign up today for ACA news, alerts, and events. 

Subscribe

Social Media