The document is also known by its formal title, “Cyber Security Requirements for Financial Services Companies”, and is comprised of a set of regulations which are intended to establish minimum regulatory standards, to encourage the establishment and continued development of cyber security programs for financial companies.
All Agencies at Minimum Will Need to Have The Following Elements
- Establish a Cybersecurity program
- Implement policies & procedures to secure non-public information
- Limit access privileges to non-public information and review it regularly
- Conduct Risk Assessments at least once a year or whenever a process has changed or introducing new system
- Third Party Service Provider Security Policy
- Limitation on Data Retention for disposal of nonpublic information stored in hard drives and other devices
- Provide notice to Superintendent of a computer network breach
Start Your Compliance With 23 NYCRR 500 TODAY
Call 646-560-5083 today to determine how safe your data and vital resources really are.