The New York Department of Financial Services (NYDFS) Cybersecurity Regulation, also known as 23 NYCRR 500, consists of rigorous cybersecurity rules for covered financial institutions like credit unions, banks and insurance firms. Its goal is to protect sensitive nonpublic information, and it applies to all entities that are regulated by DFS and their unregulated third-party service providers.
This guide provides a partial overview of NYDFS requirements and some of the steps you need to take to fulfill them, including:
- Appointing a CISO
- Implementing a third-party service provider policy
- Performing a risk assessment
- Limiting access privileges
Fill out the form and read now!
With Panorays, the vendor onboarding process has improved significantly. We save time and effort, and we have peace of mind knowing that our third-party security is being assessed and continuously monitored.