NYS DFS releases FAQs around cybersecurity regulation
Effective March of 2017, the New York State Department of Financial Services’ (NYS DFS) Cybersecurity Regulation (23 NYCRR 50) was implemented for all defined “covered entities.” Since the time of the announcement, there have been various questions around what is considered a “covered entity” and the requirements of these entities. On March 23, 2018, the NYS DFS published a revised frequently asked questions (FAQ) document on their website to provide additional clarity around: