N.Y. cyber strategy puts pressure on banks, energy sector
By 
Kyle Brasseur2023-08-10T14:50:00
New York will closely monitor the cybersecurity protections in place at institutions in the financial and energy sectors as part of its first statewide cybersecurity strategy.
The strategy, released Wednesday, “provides a framework for aligning the actions and resources of both public and private New York stakeholders so that we can collectively work toward a shared vision for protecting New York,” wrote N.Y. Gov. Kathy Hochul. It includes five strategic pillars for successful implementation, one of which is focused on the regulation of critical industries.
Under that pillar is the financial sector, which is already subject to the 2017 Cybersecurity Regulation enforced by the New York State Department of Financial Services. The law has already resulted in penalties against institutions for failing to implement required controls, including a $4.25 million fine levied upon OneMain Financial Group in May.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefDOE offers supply chain cybersecurity guidance for energy, oil, gas industries
The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.
-
News BriefN.Y. hospitals face stiff cybersecurity requirements under proposed rules
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
-
News BriefFed report highlights emerging cyber threats, including generative AI
The Federal Reserve listed the proliferation of generative artificial intelligence tools among areas of emerging cybersecurity threats for banks to monitor as part of its annual resilience report.
More from Cybersecurity
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
-
PremiumFinancial crime in the shadows of the dark web
The dark web has been depicted as a long-standing hub for crimes, where illegal activities such as drug dealing, financial fraud, weapon sales, murder for hire, stolen credit cards, and ransomware gags are easily accessible to the public.
-
News BriefAmerican Water Works discloses probe into cybersecurity breach
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.