Security
New York Increases Cybersecurity Rules for Financial Companies
New York Increases Cybersecurity Rules for Financial Companies
Another example of a large and influential state doing things the federal government won’t:
Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say. Directors must sign off on cybersecurity programs, and ensure that any security program has “sufficient resources” to function.
In a new addition, companies now face significant requirements related to ransom payments. Regulated firms must now report any payment made to hackers within 24 hours of that payment.
Posted on November 3, 2023 at 7:01 AM •
6 Comments
Sidebar photo of Bruce Schneier by Joe MacInnis.