New York Increases Cybersecurity Rules for Financial Companies
Another example of a large and influential statethe federal government won’t:
Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say. Directors must sign off on cybersecurity programs, and ensure that any security program has “sufficient resources” to function.
In a new addition, companies now face significant requirements related to ransom payments. Regulated firms must now report any payment made to hackers within 24 hours of that payment.
Posted on November 3, 2023 at 7:01 AM •
Sidebar photo of Bruce Schneier by Joe MacInnis.
SOURCE : www.schneier.com