The NYS DFS was kind enough not drop the entire regulation on businesses all at once and broke up adherence within transitional phases. This means organizations will have the opportunity create a phased approach based off these transitional phases to become compliant over the next two years.
With the first phase expiring shortly it means covered entities are required to have these particular aspects of the regulation in place during this timeframe.
For the first transitional phase covered entities that aren’t exempt will need to adhere to the following sections within the guidance. Read the rest of my article at HelpNetSecurity here:
*** This is a Security Bloggers Network syndicated blog from Frontline Sentinel authored by Matthew Pascucci. Read the original post at: http://feedproxy.google.com/~r/frontlinesentinel/qMCv/~3/HO6V-PbXZXc/whats-needed-for-first-nys-dfs.html