The New York Cybersecurity Regulation (NY DFS 23 NYCRR 500), released by the New York Department of Financial Services, mandates a set of cybersecurity requirements for financial services companies operating within the state. Title 23 NYCRR 500 is designed to promote the protection of customer information as well as the information technology systems of regulated entities. This regulation was created in response to the increasing threats posed to information and financial systems by nation-states, terrorist organizations, and independent criminal actors.