New York Gov. Kathy Hochul has approved new state cybersecurity legislation aimed at advancing a "whole of government approach" to bolstering cybersecurity amid increasingly prevalent threats against state and local governments across the U.S., according to StateScoop.
Aside from requiring yearly cybersecurity awareness training for state, city, county, or district government employees beginning next year, the new law also mandates all state government offices to provide cyber incident and ransomware payment notifications to the state's Homeland Security office within 72 hours and 24 hours, respectively. Updated data protection standards for state information systems will also be created under the law, which also compels routine technology system inventories. "Cyber threat actors will continue to change their tactics in an attempt to find even the slightest vulnerability, but as a State we will continue to adapt, evolve, educate and strengthen our overall defenses to aggressively and proactively meet this challenge," said New York CIO Dru Rai.
Aside from requiring yearly cybersecurity awareness training for state, city, county, or district government employees beginning next year, the new law also mandates all state government offices to provide cyber incident and ransomware payment notifications to the state's Homeland Security office within 72 hours and 24 hours, respectively. Updated data protection standards for state information systems will also be created under the law, which also compels routine technology system inventories. "Cyber threat actors will continue to change their tactics in an attempt to find even the slightest vulnerability, but as a State we will continue to adapt, evolve, educate and strengthen our overall defenses to aggressively and proactively meet this challenge," said New York CIO Dru Rai.
