- Products & Services
- Knowledge Base
Although 23 NYCRR Part 500 has come into effect, there are many companies around New York that are either not compliant at all or are only partially compliant.
NEW YORK, NY, October 18, 2018 /24-7PressRelease/ -- CompCiti Business Solutions has announced a successful project delivery of 23 NYCRR Part 500 compliance assessment for a major international bank operating in New York. With the completion of the assessment project, the bank has ensured compliance with a mandatory section of 23 NYCRR Part 500 regulation.
The NY Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR 500) makes it mandatory for financial institutions governed by the NYDFS to take specified steps towards strengthening cybersecurity policies.
Rapid rise in sophisticated cyber-attacks and data-breach episodes has adversely affected the business world on a global scale. Financial Institutes in New York have also had its fair-share of data-breach instances in the last decade. As a result of such cyber-attacks, the industry has suffered severe financial and economic consequences. Major institutions had to either shut-down completely or drastically reduce workforce due to the financial losses caused by data-breach. Decline in consumer trust reflected low confidence amongst investors in the industry, subsequently limiting the overall industry growth rate prospect.
In order to combat cyber-attack and data-breach threats, financial institutes must develop formal data security guidelines and implement them industry-wide. These guidelines would help companies with better preparedness against cyber-attacks, identify security vulnerabilities and take proper measures to limit the damage in case of a data-compromise. The NY Department of Financial Services (NYDFS) introduced the cybersecurity regulation 23 NYCRR Part 500 to establish a standard data security and protection policy. The regulation applies to all entities operating under or required to operate under DFS licensure, registration, or charter, and includes state-chartered banks, licensed lenders, private bankers, mortgage companies, insurance companies, foreign banks licensed to operate in New York.
The NYDFS Cybersecurity Regulation imposes strict cybersecurity guidelines for covered organizations, mandating the development of a detailed cybersecurity plan, designating a Chief Information Security Officer (CISO), the enactment of a comprehensive cybersecurity policy, and the initiation and maintenance of an ongoing reporting system for cybersecurity events.
The regulation includes multiple sections of guidelines that financial institutes must comply by the given deadlines in order to be fully compliant. For CompCiti, the scope of this compliance assessment project included reviewing the existing set-up and then creating a comprehensive cybersecurity program that identifies any security vulnerabilities to mitigate risks. CompCiti helped the international bank assess their IT infrastructure, identify the gaps and create a plan of action to bridge those gaps, and assist them to comply with 23 NYCRR 500.
Upon the successful delivery of the compliance project, Sam Vohra, CEO of CompCiti, said, "Although 23 NYCRR Part 500 has come into effect, there are many companies around New York that are either not compliant at all or are only partially compliant. At CompCiti, we have made it a top priority to help all affected financial institutions comply."
CompCiti Business Solutions, Inc. provides its clients what few other IT companies in New York can: expertise and insights developed since business networking began. CompCiti's focus on cybersecurity and cyber management services set it above other business networking services. CompCiti secures networks and other IT systems against all cyber-threats, including viruses, hackers, and ransomware.
To find out more information about CompCiti's 23 NYCRR Part 500 compliance services, please call 212.594.4374 or visit CompCiti.com.
# # #