From: Governing
The state is on track to enacting first-in-the-nation rules about how banks respond to cyberattacks. Some say they’re misguided.
![Share on Facebook Facebook](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/facebook.png)
![Share on Twitter twitter](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png)
![Share on Google+ google_plus](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/google_plus.png)
![Share on Reddit reddit](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/reddit.png)
![Pin it with Pinterest pinterest](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/pinterest.png)
![Share on Linkedin linkedin](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/linkedin.png)
![Share by email mail](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/mail.png)
From: Governing
by Tod Newcombe
New York Gov. Andrew Cuomo announced in September a first-in-the-nation regulation designed to protect the state from the growing threat of cyberattacks. The proposed rule targets the state’s financial services institutions, requiring banks and insurance companies to establish a cybersecurity program and designate a chief information security officer.
***
The regulation, which was subject to a public comment period that ended last month and is expected to go into effect next month, lays out a clear framework for how financial companies are to identify, protect, detect, respond and recover from a cyberattack. It sets standards that have to be reviewed regularly and requires that third-party service providers’ cybersecurity programs are evaluated. In a statement, Cuomo said the regulation will help guarantee that the “financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyberattacks to the fullest extent possible.”
Leave a Reply