NY DFS enacted 23 NYCRR 500 to establish cybersecurity requirements for financial businesses in New York State. This regulation seeks to protect industry and consumer from cyberattack—requiring banks and other institutions to safeguard transaction records and consumer data.
Governor Andrew M. Cuomo stated: "New York is the financial capital of the world, and it is critical that we do everything in our power to protect consumers and our financial system from the ever increasing threat of cyberattacks. These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place in order to protect themselves and the New Yorkers they serve from the serious economic harm caused by these devastating cybercrimes."
Unfortunately, anything written by legislators can seem complex or intimidating. Businesses without cybersecurity policies risk allowing deadlines established under 23 NYCRR 500 get past them. As a result, many are scrambling. These businesses need a rational voice to guide them.
With this in mind, BTB Security has distilled the most important things to know about 23 NYCRR 500 into a Solution Guide that presents this regulation in plain language—so that you can get ahead, remain ahead, stay compliant, and remain secure. Read the Solution Guide