zulie42

Under 23 NYCRR § 500.19, a Covered Entity qualifies for a limited exemption only when the year-end total assets of the Covered Entity combined with year-end total assets of all its Affiliates, totals less than $10 million. Note that, for purposes of this exemption, year-end total assets includes all assets of all affiliates regardless of location. Materials in this section were on our Cybersecurity Resource Center previously. Given the evolving cybersecurity landscape, they have been replaced with materials set forth in the other sections of this Cybersecurity Resource Center. Everything currently required of Covered Entities can be found in the sections above and the materials in the other sections supersede any conflicting material that might be found below. Instead, focus on metrics related to specific outcomes that prove your cybersecurity program is credible and defensible. No organization is 100% secure, and organizations cannot control threats or bad actors. Cybersecurity is