NYDFS Cybersecurity Regulation: Two Years Later, Let’s Check-In


— by Lindsey Ullian, Threat Stack Compliance Manager

Back in 2017, we brought our readers up to date on NYDFS Cybersecurity Regulation (23 NYCRR 500), a new set of regulations introduced by the New York Department of Financial Services (NYDFS). For many of us, other compliance frameworks such as the GDPR, have held more of our attention over the past two years, and 23 NYCRR 500 has somewhat slipped from sight. But given the fact that entities covered by 23 NYCRR 500 must comply whether they are based in New York or not, it’s time to refamiliarize yourself with the regulations.

With that in mind, Collin Varner, Senior Associate at Schellman & Company, has prepared a detailed update on what’s been happening with the regulation since it was introduced, along with key issues you need to understand.

Here’s Collin’s article. . .

Read more “NYDFS Cybersecurity Regulation: Two Years Later, Let’s Check-In”