On March 1, 2017, the New York State Department of Financial Services’ (NYDFS) Cybersecurity Requirements for Financial Services Companies, 23 NYCRR 500 (Part 500), became effective. NYDFS describes Part 500 as a first-of-its-kind state regulation that created mandatory cybersecurity and risk management regulations for Covered Entities. Part 500 defines Covered Entities as persons operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law.

Since Part 500 became effective, NYDFS’ focus on cybersecurity has been robust. The NYDFS website includes a Cybersecurity Resource Center, which offers various cybersecurity-related information published by NYDFS over the years, such as cybersecurity guidance, alerts and reports. Perhaps most notably is the NYDFS’ Guidance on Ransomware Prevention.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]