On March 1, 2017, the Department of Financial Services enacted a regulation establishing cybersecurity requirements for financial services companies, 23 NYCRR Part 500 (referred to below as “Part 500” or “the Cybersecurity Regulation”). Part 500 was amended for the first time in April 2020 to change the date of the required annual certification filing from February 15 of each year to April 15.
