The first transitional phase of the New York State’s Department of Financial Services (NYS DFS) cybersecurity regulation is upon us. As of August 28th, 2017 covered entities are required to be in compliance with the first phase of the 23 NYCRR Part 500 standard.
The NYS DFS was kind enough not drop the entire regulation on businesses all at once and broke up adherence within transitional phases. This means organizations will have the opportunity create a phased approach based off these transitional phases to become compliant over the next two years.
With the first phase expiring shortly it means covered entities are required to have these particular aspects of the regulation in place during this timeframe.
For the first transitional phase covered entities that aren’t exempt will need to adhere to the following sections within the guidance. Read the rest of my article at HelpNetSecurity here:
https://www.helpnetsecurity.com/2017/08/23/nys-dfs-cybersecurity-transitional-phase/
The NYS DFS was kind enough not drop the entire regulation on businesses all at once and broke up adherence within transitional phases. This means organizations will have the opportunity create a phased approach based off these transitional phases to become compliant over the next two years.
With the first phase expiring shortly it means covered entities are required to have these particular aspects of the regulation in place during this timeframe.
For the first transitional phase covered entities that aren’t exempt will need to adhere to the following sections within the guidance. Read the rest of my article at HelpNetSecurity here:
https://www.helpnetsecurity.com/2017/08/23/nys-dfs-cybersecurity-transitional-phase/
No comments:
Post a Comment