Need help with 23 NYCRR 500 compliance?
We can help you comply with the New York State Department of Financial Services cyber security law.
From risk assessments and incident response to third-party vendor management, Sera-Brynn has got you covered.
What is the New York State DFS Cyber Security Law?
23 NYCRR 500 sets a baseline for banks and insurance companies doing business in New York to protect information. The regulation includes core requirements like multi-factor authentication, training, incident response, and access controls. Notably, organizations must appoint a Chief Information Security Officer, or CISO.
Does it apply to me?
If you are regulated by the NYS DFS, 23 NYCRR 500 will apply with limited exceptions.
Find more information on key dates and resources here.