On Feb. 15, the first of several important milestones in New York's new cybersecurity regulations, called 23 NYCRR 500, will compel the state's financial services companies to adopt policies to keep their data safe. The regulations, handed down by the New York State Department of Financial Services, are the first of their kind in the country.

As other states consider the adoption of similar regulations, financial services companies in the rest of the U.S. would do well to follow the roll-out of 23 NYCRR 500 and the ways in which covered entities are working to meet the new requirements. Affected companies include banks, insurers and investment companies licensed by or operating in New York State. 23 NYCRR 500 excludes companies with fewer than 10 employees and contractors, or less than $5 million in New York gross annual revenue, or less than $10 million in year-end assets.

Continue Reading for Free

Register and gain access to:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.