Webinar: NYS DFS Part 500 - The Deadline Is Looming, Can You Certify Compliance?

February 6, 2018
10:00 am

February 15 is the deadline for all covered entities to self-certify under 23 N.Y.C.R.R. Part 500 that they have been in compliance with NYS DFS’s new cybersecurity regulations for calendar year 2017.  

Co-Speaker: Reg Harnish, CEO of GreyCastle Security

If you are a Covered Entity under the new regulations, are you ready to self-certify?  Have you even determined whether you are a Covered Entity yet?  Who will sign your certification, and what are the consequences if you make a mistake in certifying compliance?  What guidance has NYS DFS given in the past five months since the new regulations came into practical effect that may change your views on whether your organization is compliant?  After I certify, what comes next from NYS DFS?

GreyCastle and Harter Secrest are teaming up again to provide both legal and cyber security insight into NYS DFS Part 500 compliance and the challenges inherent in self-certification.  Both Reg and Paul have deep experience advising clients of all sizes in relation to Part 500, and can provide real-world examples of what has worked and what has not worked in standing up a Part 500 compliance program.

Other issues to be addressed in the webinar include:

  • Part 500 requirements in force for self-certification
  • Part 500 requirements coming into force in the future
  • Where to find Part 500 regulatory guidance
  • How to use the DFS portal, and what to watch out for
  • The role of the risk assessment in Part 500 compliance
  • Potential DFS action in relation to non-compliance
  • Building a Part 500 compliance program that fits all of your information security compliance needs

< Back To Events


This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel