Knowledge Base

Navigating the 23 NYCRR 500 Financial Regulations w/ CIS & BeyondTrust

March 10th, 2017

The New York State Department of Financial Services (DFS), has released legislation:  23 NYCRR 500 to combat the persistent threat posed to information and financial systems by nation-states and independent criminal actors.  This regulation is designed to:

  • Promote the protection of customer information
  • Promote the protection of information technology systems of regulated entities
  • Require each company to assess its specific risk profile
  • Require each company to design a program that addresses its risks in a robust fashion
  • Require annual certification confirming compliance with these regulations by senior management

CIS and BeyondTrust have been monitoring the requirements of this new legislation, and recommend that anyone in the financial industry read the attachment below as a first-step in implementing a plan.

To discuss further, please contact a CIS rep at:  sales@cisus.com or 212-577-6033

NY State Financial Cyber Security Requirements