Get compliant with the latest regulations today with the checklist and our simple certification process.
The NY Department of Financial services (NYDFS) recently announced the state’s first regulation requiring formal cybersecurity programs for financial institutions. If you’re a NYDFS regulated company, it’s time to get your house in order and get certified. The last thing you want is a hefty fine from the authorities when compliance can be handled easily.
We offer two simple packages - Either 'Do-It-Yourself' in-house, or, the option most companies choose to go with, the ‘Full Managed Service’ - Outsource the work to us, knowing that you will get compliant!
With our full-service package, we take care of your risk assessment, cybersecurity policies and we act as your designated CISO, ensuring that you are fully compliant with the regulation.
Yes, that’s right. If you purchase our program and don’t receive your DFS 23 NYCRR 500 certification, we will give you a full refund*. It’s a win-win!
*DIY package customers must follow the program and checklist that is set out in order to qualify for the money-back guarantee
We offer two certification plans -Do-it-Yourself and a Fully Managed Service
You are required to be compliant now!
The transition period came to an end on August 28, 2017 and you must provide a
Certification of Compliance to
the DFS before February 15, 2018.
See the calendar of dates on the DFS website.
Whether you are a financial organization licensed by the DFS or operating in New York State, you will be affected by DFS 23 NYCRR 500. Organizations covered by the new cybersecurity regulations include:
You may be exempt from some parts of the regulation. If you fall into the following categories:
For the full list of exemptions, read the regulation here.
Firstly, and most significantly, this NYDFS cybersecurity regulation requires covered entities to file an annual certification of compliance with the regulation. These Certifications of Compliance will commence February 15, 2018.
According to the regulation, in order for organizations to reach the goals of the compliance, organizations must implement the following:
Read the 23 NYCRR PART 500 FAQ’s here.