From: DarkReading
Mark Sangster, Commentary
New York’s toughest regulations yet are now in effect. Here’s what that means for your company.
One of the harshest cybersecurity regulations to hit companies in the US recently went into effect in New York. The state regulator, the New York Department of Financial Services, introduced its Cybersecurity Requirements for Financial Services Companies (23 NYCRR Part 500), a regulation designed to tighten cybersecurity practices across a wide selection of companies, which became effective on March 1, 2017.
Part 500 covers anyone “operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law.” In practice, this includes banks, investment firms, insurers and licensed lenders, holding companies, charities, and service contractors. They should all be watching this regulation and preparing themselves for compliance.
Leave a Reply