New York State Department of Financial Services (NYDFS)

Cybersecurity (NYCRR 500)

The Cybersecurity (NYCRR 500) Playbook addresses the following areas:

  • Cybersecurity Program
  • Cybersecurity Policy
  • Chief Information Security Officer
  • Penetration Testing and Vulnerability Assessments
  • Audit Trail
  • Access Privileges
  • Application Security
  • Risk Assessment
  • Cybersecurity Personnel and Intelligence
  • Third Party Service Provider Security Policy
  • Multi-Factor Authentication
  • Limitations on Data Retention
  • Training and Monitoring
  • Encryption of Nonpublic Information
  • Incident Response Plan
  • Notification of Cybersecurity Event(s) Confidentiality

Back (Small2)