New York Increases Cybersecurity Rules for Financial Companies

6 months ago AndyC

New York Increases Cybersecurity Rules for Financial Companies
Another example of a large and influential state doing things the federal government won’t:

Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk m

New York Increases Cybersecurity Rules for Financial Companies

Another example of a large and influential state doing things the federal government won’t:

Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say. Directors must sign off on cybersecurity programs, and ensure that any security program has “sufficient resources” to function.

In a new addition, companies now face significant requirements related to ransom payments. Regulated firms must now report any payment made to hackers within 24 hours of that payment.

Tags: , , , ,

Sidebar photo of Bruce Schneier by Joe MacInnis.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , ,

More Stories

LockBit gang claimed responsibility for the attack on City of Wichita

LockBit gang claimed responsibility for the attack on City of Wichita

1 hour ago AndyC
New TunnelVision technique can bypass the VPN encapsulation

New TunnelVision technique can bypass the VPN encapsulation

1 hour ago AndyC
LiteSpeed Cache WordPress plugin actively exploited in the wild

LiteSpeed Cache WordPress plugin actively exploited in the wild

7 hours ago AndyC
Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606

Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606

7 hours ago AndyC
UK Ministry of Defense disclosed a third-party data breach exposing military personnel data 

UK Ministry of Defense disclosed a third-party data breach exposing military personnel data 

13 hours ago AndyC
Law enforcement agencies identified LockBit ransomware admin and sanctioned him

Law enforcement agencies identified LockBit ransomware admin and sanctioned him

19 hours ago AndyC

You may have missed

From Spam to AsyncRAT: Tracking the Surge in Non-PE Cyber Threats

1 hour ago AndyC
LockBit gang claimed responsibility for the attack on City of Wichita

LockBit gang claimed responsibility for the attack on City of Wichita

1 hour ago AndyC
New TunnelVision technique can bypass the VPN encapsulation

New TunnelVision technique can bypass the VPN encapsulation

1 hour ago AndyC
Are You the Type of Player Who Makes IT Happen?

Are You the Type of Player Who Makes IT Happen?

1 hour ago AndyC
Businesses lack AI strategy despite employee interest — Microsoft survey

Businesses lack AI strategy despite employee interest — Microsoft survey

1 hour ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.