|
|
The New York State Department of Financial Services (DFS) has been closely monitoring the ever-growing threat posed to information and financial systems by nation-states, terrorist organizations, and independent criminal actors, particularly against financial services organizations. In response, DFS established “Part 500” of Title 23 of its rules and regulations, which requires annual certification to prove covered organizations are in compliance with specific IT security requirements. The NYDFS Cybersecurity Regulation applies to all entities operating under, or required to operate under, DFS licensure, registration, or charter, or which are otherwise DFS-regulated, as well as unregulated third-party service providers servicing regulated entities.
|