Did You Know?

NYCRR Part 500 Cybersecurity Regulations

DID YOU KNOW… that CDI Adheres to NYCRR Part 500 Cybersecurity Regulations?

We’re sure you’ve heard that the New York Department of Financial Services recently passed 23 NYCRR Part 500, a new regulation that requires all financial services companies to adopt broad cybersecurity programs that include:

  • Conducting risk assessments
  • Developing appropriate cybersecurity policies and procedures
  • Appointing a chief information security officer (CISO)
  • Establishing a written incident response plan
  • Training employees in cybersecurity measures
  • Implementing suitable encryption controls
  • Conducting annual penetration testing and biannual vulnerability assessments

CDI Managed Services (CDI MS) and eSentire can provide a wide range of cybersecurity solutions that satisfy these new requirements, including: intrusion detection and prevention, SOC services, disaster recovery and business continuity services (DRaaS), incident management and response, risk assessments, security awareness training, regulatory compliance, policies and procedures, full systems monitoring and management.

Though already in effect, the new regulation is expected to ratchet up in seriousness and intensity leading into 2020. Penalty mandates are in effect, so contact us today for your free security assessment.

NYCRR Part 500 Cybersecurity Regulations