New York State Department of Financial Services (NYDFS)
Cybersecurity (NYCRR 500)
The Cybersecurity (NYCRR 500) Playbook addresses the following areas:
- Cybersecurity Program
- Cybersecurity Policy
- Chief Information Security Officer
- Penetration Testing and Vulnerability Assessments
- Audit Trail
- Access Privileges
- Application Security
- Risk Assessment
- Cybersecurity Personnel and Intelligence
- Third Party Service Provider Security Policy
- Multi-Factor Authentication
- Limitations on Data Retention
- Training and Monitoring
- Encryption of Nonpublic Information
- Incident Response Plan
- Notification of Cybersecurity Event(s) Confidentiality