The New York state Department of Financial Services' cybersecurity regulation - 23 NYCRR Part 500 - has been in effect for nearly a year now, and covered entities face some significant compliance milestones in 2018. This regulation puts new demands on financial institutions for security leadership, breach notification and vender risk management, and it is likely to inspire similar regulations in other US states. But where does 23 NYCRR Part 500 fit in among other cybersecurity requirements for FIs, and what should security organizations be doing to demonstrate conformance early in 2018?
Register for this session to gain first-hand advice and insight from two noted experts: Ronald Raether, a partner in the Financial Services Litigation Group at law firm Troutman Sanders; and John Walp, former CISO of M&T Bank in New York. Raether and Walp will cover topics such as:
- How to prepare for key 2018 compliance deadlines;
- The role third-party vendors play in your institution's ability to comply;
- Areas that are often overlooked, including the need to review retention and disaster recovery policies.