What is the NYDFS Cybersecurity Law?

“The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a new set of regulations from the NY Department of Financial Services (NYDFS) that places new cybersecurity requirements on all covered financial institutions. The rules were released on February 16th, 2017 after two rounds of feedback from industry and the public. These regulations acknowledge the ever-growing threat posed to financial systems by cybercriminals and are designed to ensure businesses effectively protect their customers’ confidential information from cyber attacks. This includes conducting regular security risk assessments, keeping audit trails of asset use, providing defensive infrastructures, maintaining policies and procedures for cybersecurity, and creating an incident response plan. 

Who does the NYDFS Cybersecurity Law Apply to?
  • Credit Unions 
  • Health Insurers 
  • Investment Companies 
  • Licensed Lenders 
  • Life Insurance Companies 
  • Mortgage Brokers 
  • Savings and Loan Associations 
  • Private Brokers 
  • Offices of Foreign Banks 
  • Commercial Banks 
Download this PDF to learn more about NYDFS and how Clarabyte protects confidential
File Size: 12 MB
Try it for free!