The current cybersecurity laws and regulations landscape is complex and burdensome. Public cloud providers are trying to help automate and offload the weight of program implementation but there is still a long way to go.
New York State DFS introduced its 23 NYCRR 500 regulation that requires implementation of cybersecurity requirements for all covered entities.
Digital Edge’s team, backed by our legal, cybersecurity and heavy AWS expertise has analyzed DFS requirements and possible AWS implementation automation suggestions.
Download the DFS 500 PDF with highlights and comments that include the joint work of our team.
The New York State Department of Financial Services’ (DFS) mandatory cybersecurity requirements for financial services entities became effective on March 1st, 2017, with a two-year implementation period. The regulation requires all DFS regulated entities, subject to certain exemptions, to adopt the core requirements of a cybersecurity program. The final effective date for the regulation will be March 1, 2019, by which time, under section 500.11, DFS regulated entities are required to have written policies and procedures that are based on a risk assessment to ensure the security of nonpublic information and information systems that are accessed or held by third party service providers.
DFS has come out with the dates all regulated entities and licensed persons must files various notices to the Superintendent. The final one being next month, February 15th 2019.
Last month, many New York State Financial Institutions received their scary “Failure to File Certification of Compliance” email and were perplexed by what to do next… Don’t fear, the Digital Edge's VP of Compliance is here to answer your many many submitted questions regarding NYS Department of Financial Services Part 500 Mandatory Cybersecurity Requirements! These are the questions for this month:
REMINDER: 4 DAYS Left to File Your NYS DFS Exemption
Let the Digital Edge Cybersecurity Team keep your business in compliance!
The Digital Edge Cybersecurity Team would like to remind you that exemption filing for the New York State Department of Financial Services’ (DFS) 500 Mandatory Cybersecurity is due on August 28, 2017.
Filing for this limited exemption only needs to be filed one time. In the future, if your organization no longer qualifies for the limited exemption as of your most recent fiscal year you would then have 180 days to comply with all applicable requirements of the regulation.
Let the Digital Edge Cyber Security Team ease the burden of implementing the NYDFS Cybersecurity Regulations that are still required under your exemption. Contact our Sales Team for your free assessment and align yourself with compliance today!