Follow Us:

State

State

23 NYCRR 500

On March 1, 2017, New York Department of Financial Services, 23 NYCRR 500 went into effect. This trailblazing state regulation mandates banks, insurance providers domiciled in and out of New York, and financial services businesses in New York conduct a Cybersecurity Risk Assessment and build a cybersecurity program based on the risk assessment.

 

Our 23 NYCRR 500 Gap Analysis will evaluate your organization against the requirements of 23 NYCRR 500 and provide recommendations where gaps exist to satisfy requirements. Two versions are available; one for Covered Entities and another for Covered Entities with Limited Exemption.  The resulting report becomes your roadmap for complying with 23 NYCRR 500. Ancillary services such as the Cybersecurity Risk Assessment, Vulnerability Assessment, Penetration Testing, and Cybersecurity Policy and Procedures are also available to help your organization meet 23 NYCRR 500 requirements.