Because of the increasing sophistication of cyber attacks over recent years, the NY Department of Financial Services (NYDFS) propagated 23 NYCRR 500, a law establishing cybersecurity requirements for financial service firms. Though most of the rules this regulation is asking for is already considered best-practice, some firms haven’t executed these processes. Violating these regulations can invite hefty non-compliance penalties.

Do I need to comply with 23 NYCRR 500?
The regulation is applicable to all covered entities meaning “any person operating under or need to operate under a registration, license, permit, charter certificate, accreditation or identical consent under the insurance law, the banking law or the financial service law.”

The organizations that need to comply include but not limited to private bankers, licensed lenders, mortgage companies, state-charted banks, insurance companies, and oversea banks licensed to operate in NY.

There’re limited exclusions to the regulation. Companies that appoint fewer than ten personnel, make less than five million dollars in gross annual revenue from New York operations in each of the previous 3 years, or have less than ten million dollars in year-end total assets are excused from specific requirements of the NYDFS Cyber security Regulation.

Am I the one a little overwhelmed about the compliance of 23 NYCRR 500?
No, not at all! In fact, many other organizations that don’t actually know from where to start or if they’re even exempt.

Fortunately, you don’t have to conquer this battle alone. Being a leading cybersecurity compliance regulation services, CompCiti is devoted to assuring efficient network security & full compliance for organizations of all sizes. If you have queries regarding managed network security or compliance with any regulations including 23 NYCRR 500, feel free to get in touch.. CompCiti would love to answer your queries and help you with everything needed for a successful 23 NYCRR 500 compliance.

CompCiti are very much aware of the struggle organizations face in order to become and stay compliant with data privacy regulations. This is why CompCiti put utmost emphasis on securing critical data regardless of where it dwells, how it’s used and how it’s accessed. The approach emphasizes on fulfilling 23 NYCRR 500’s most challenging requirements. The Compliance Experts will not just make sure that you’re compliant with 23 NYCRR 500, but will assist you to execute a more efficient, long-term cybersecurity etiquette in the process.

Disclaimer :
This content is created and provided by a third-party online content writer on behalf of CompCiti, and is for commercial purposes only. CompCiti does not take any responsibility on the accuracy of this article.

Source: https://23nycrrpart500.wordpress.com/2020/08/11/what-the-23-nycrr-500-regulation-is-all-about/