Defining the Role of the Chief Information Security Officer

From: RegBlog | Penn Program on Regulation

The United States faces an impending “cyber Pearl Harbor,” according to former Defense Secretary Leon Panetta. Signs of the nation’s vulnerability include a recent hack of 20 million personnel records from a government agency and another hack of 40 million credit card accounts from Target.

Recognizing that cyberattacks target both government and private sector organizations, New York regulators are looking to bolster oversight of financial companies’ cybersecurity practices with a new rule that would require those companies to establish a cybersecurity program and designate a Chief Information Security Officer (CISO) to manage it. Other requirements include safeguarding information accessible to third parties, building a cybersecurity workforce, and developing a response plan for cyber incidents.
