Filing Deadline for NYDFS’s Cybersecurity Regulations 23 NYCRR 500 is 2/15/2018
Feb
15

Filing Deadline for NYDFS’s Cybersecurity Regulations 23 NYCRR 500 is 2/15/2018

The deadline is TODAY! to submit to the superintendent a Certification of Compliance with New York State Department of Financial Services Cybersecurity Regulations under section 500.17(b) of the 23 NYCRR 500.

Last March, the New York Department of Financial Services (NYDFS) issued Cybersecurity Regulations (23 NYCRR 500) that further expounded requirements that were not previously included or specifically defined in the SEC OCIE release. The Cybersecurity Regulations took effect on March 1, 2017 with the transition period to comply with requirements ending on August 28, 2017. Covered Entities are required to submit the first certification under 23 NYCRR 500.17(b) by today February 15, 2018, if not already done so.

And in two weeks on March 1, 2018, the one year transitional period ends. Covered Entities are required to be in compliance with the requirements of sections 500.04(b), 500.05, 500.09, 500.12 and 500.14(b) of 23 NYCRR Part 500.

 

Upcoming 23 NYCRR 500 Key Dates to remember:

  • March 1, 2018 – One year transitional period ends. Covered Entities are required to be in compliance with the requirements of sections 500.04(b), 500.05, 500.09, 500.12 and 500.14(b) of 23 NYCRR Part 500.
  • September 3, 2018 – Eighteen month transitional period ends. Covered Entities are required to be in compliance with the requirements of sections 500.06, 500.08, 500.13, 500.14(a) and 500.15 of 23 NYCRR Part 500.
  • March 1, 2019 – Two year transitional period ends. Covered Entities are required to be in compliance with the requirements of 23 NYCRR 500.11.

 

Here’s a summary of the 23 NYCRR 500 requirements and FAQs regarding Cybersecurity Regulations.