Originally published in 2017, 23 NYCRR 500 was a first-in-the-nation attempt at creating standards for the financial services industry in protecting nonpublic information. These amendments would be the first major changes to the regulation since its adoption. The publishing of the regulation in the State Register begins a 60-day comment period. During this time, the public is encouraged to submit comments.
When the comment period ends, DFS is required by law to review all received comments and either repropose a revised version or adopt the final regulation.
PIA explains the amendments
PIA had the opportunity to review and comment on an earlier version of the amendments. Here is a section-by-section detailed analysis of the proposed amendments.
If you are looking for a quick overview of the amendments, you can find it here.
For more information on multi-factor authentication, check out these articles:
Capacity enhancement guide—implementing strong authentication.
An explanation multi-factor authentication
Bradford J. Lachut, Esq.
Bradford J. Lachut, Esq., joined PIA as government affairs counsel for the Government & Industry Affairs Department in 2012 and then, after a four-month leave, he returned to the association in 2018 as director of government & industry affairs responsible for all legal, government relations and insurance industry liaison programs for the five state associations. Prior to PIA, Brad worked as an attorney for Steven J. Baum PC, in Amherst, and as an associate attorney for the law office of James Morris in Buffalo. He also spent time serving as senior manager of government affairs as the Buffalo Niagara Partnership, a chamber of commerce serving the Buffalo, N.Y., region, his hometown. He received his juris doctorate from Buffalo Law School and his Bachelor of Science degree in Government and Politics from Utica College, Utica, N.Y. Brad is an active Mason and Shriner.