Effective March 1, 2017, Section 500 of the New York State Department of Financial Services Banking Law requires all DFS regulated entities to comply with 23 NYCRR 500 (Part 500) Cybersecurity Requirements for Financial Services Companies. Critical elements of Part 500 include the following key programs and policies:
- Section 500.02 Cybersecurity Program
- Section 500.09 Risk
- Section 500.03 Cybersecurity Policy
- Section 500.05 Penetration Testing and Vulnerability Assessment
Specific included entities have 180 days from March 1, 2017 to achieve compliance. Submission of a Certification of Compliance with Part 500 signed by the Board of Directors or a Senior Officer(s) must be provided to the Department of Financial Services (DFS) Superintendent beginning February 15, 2018.
As Slate Professional is actively supporting our clients in becoming compliant with this requirement, we would appreciate a few minutes of your time to share how we can efficiently and cost-effectively help your FS organization reach NYCRR 500 compliance on time and budget!
Please contact us for a quick and informative chat with our team.