Due to the outbreak of COVID-19, the deadline for Certification of Compliance with the DFS Cybersecurity Regulation (23 NYCRR Part 500) www.dfs.ny.gov/docs/legal/regulations/adoptions/dfsrf500txt.pd for calendar year 2019 has been extended from its original deadline of April 15, 2020 to June 1, 2020.
All Covered Entities and licensed persons who are not fully exempt from the Regulation are required to submit a Certification of Compliance no later than June 1, 2020, attesting to their compliance for the 2019 calendar year.
Here’s a link to the DFS Filing Requirements and Instructions: https://www.dfs.ny.gov/industry_guidance/cyber_filings/requirements