This month’s December 2017 edition of the HIA-LI Reporter, page 30, features Total Technology Solutions’ IT Consultant, Jon Berlin on cybersecurity compliance. Specifically, the purpose of educational article is to share important information related to the cybersecurity regulation mandated by the New York State Department of Financial Services (NYS DFS) in the past year. The NYS DFS cybersecurity regulation outlines requirements ranging from written cybersecurity policies and employee training, to encryption and business continuity planning, to hiring Chief Information Security Officers (CISO). Largely, the regulations are applicable to banks, insurance companies, and other financial institutions. Non-compliance with the regulations could translate to hefty fines.
Also related to cybersecurity compliance, the New York Attorney General has introduced new legislation, the Stop Hacks and Improve Electronic Data Security (SHIELD) Act. The SHIELD Act is a direct response to the recent Equifax breach, in which the Attorney General’s office seeks to “close major gaps in New York’s data security laws,” and provide reasonable security for private information, using standards tailored to the size of the business, and providing incentive to businesses that certify security compliance. See NY Attorney General website for more information.