Cybersecurity Policy

What is a Cybersecurity Policy?

23 NYCRR 500, Cybersecurity Policy, Cybersecurity Program, NY DFS CybersecurityJuly 6, 2020

I’ve spent a great deal of time digging into cybersecurity policies over the years. I’ve seen the good, the bad and the ugly. In fact, back in the day, my first job out of college involved helping one of the largest banks in the United States develop its very first Cybersecurity Policy and Incident Response…

Am I Exempt from New York’s Cybersecurity Regulation?

23 NYCRR 500, Cybersecurity Policy, Cybersecurity Program, NY DFS CybersecurityMarch 9, 2020

“I’m a small agency, so the New York regulation doesn’t apply to me, right?” This is perhaps the most common question, or rather misunderstanding, related to the New York Department of Financial Services cybersecurity regulation. At a recent conference in the northeast, we heard “I only have four employees” or “I only do about $1M…