Risks of not having a Fractional CIO:
Contact Us Today For
A Free Consultation
What is 23 NYCRR Part 500?
In 2017, the New York State Department of Financial Services (NYS DFS) released a set of cyber security requirements for industries that it supervises, mandating robust cyber security programs that are certified with New York State.
These regulations acknowledge the ever-growing threat posed to financial systems by cyber criminals, and are designed to ensure businesses effectively protect their customers' confidential information from cyber attacks.
23 NYCRR Part 500 requires all Financial Services companies to be subject to minimum standards with respect to their cyber security programs. This includes conducting regular security risk assessments, keeping audit trails of asset use, providing defensive infrastructures, maintaining policies and procedures for cyber security, and creating an incident response plan.
Each violation can incur fines of $2,500 per day!
Maintaining this level of cyber security compliance may seem complicated and expensive. It doesn’t have to be.