Cybersecurity Requirements for Financial Services Companies (23 NYCRR part 500)

The financial services industry continues to be a significant target of cyber threats from state actors and criminal enterprises.
 
Given the seriousness of the issue and the risks, the New York Department of Financial Services’ (NYDFS) regulation Cybersecurity Requirements for Financial Services Companies (23 NYCRR part 500) was brought into force on March 1, 2017, with a deadline for complete compliance by March 1, 2019. 
Part 500 represents the first regulation of its kind, impacting all firms operating in the financial services industry within the state of New York, and was designed to protect the personal data of firm customers. The Requirements mandate that covered entities establish a cybersecurity program that incorporates encryption of “nonpublic information,” conducting periodic risk assessments, management of third party risks, and periodic reporting. 
 
Foundational components for an effective cybersecurity program include a robust data discovery and classification system, an ability to understand the organization’s risk landscape and mitigate accordingly, and a set of automated controls that meet the demands of a variety of data protection laws and regulations. Rounding this out is “regulator friendly” reporting that illuminates the state of the organization’s compliance posture.
 
Join Spirion and Sienna Group to learn how their combined solution can help you achieve compliance with this groundbreaking regulation in advance of the March 1, 2019 deadline.
 
Who should attend: Information security and cyber security, CIOs, CISOs, Data Protection Officers, Information Security Directors, Staff Attorneys, Compliance, and Security Auditors.

When: Tuesday, October 30, 2018 10:00 AM – 11:00 AM PDT

Click here to register!