Now is the time to act.

Now is the time to act.


It is now, more than ever, crucial for legal and financial institutions to implement cybersecurity compliance programs. GLC enables your firm to meet the technical challenges of complying with New York State Department of Financial Services 23 NYCRR 500 with ease.

GLC Process

  • Analysis: We determine areas needing improvement. A combination of powerful automated auditing tools and our compliance services team expertise will identify areas that are not meeting the desired standard.
  • Remediation: In this phase we act on our analysis, and close the gaps identified. The expertise of our consultants will be applied to quickly adjust your systems towards compliance.
  • Follow-Through: This phase ensures your firm remains compliant. Our compliance services team will re-visit problem areas, as well as identify new areas of potential vulnerability.


Key Dates

March 1, 2017: 23 NYCRR 500 becomes effective.

August 28, 2017: 180 day transitional period ends.

September 27, 2017: Initial 30 day period for filing Notices of Exemption ends.

February 15, 2018: Covered Entities are required to submit the first certification.

March 1, 2018: One year transitional period end.

September 3, 2018: Eighteen month transitional period ends.

March 1, 2019: Two year transitional period ends.