A new law covers online ransom attempts, cybersecurity training and other areas. The move comes as the Empire State works to increase its power in artificial intelligence and other digital areas.
Local governments in New York state have new cybersecurity reporting responsibilities.
A new law gives municipalities and public authorities 72 hours to report cybersecurity “incidents” to the state’s Division of Homeland Security and Emergency Services (DHSES), according to a statement from Gov. Kathy Hochul.
Ransom payments require reporting within 24 hours. That could potentially lead to more state help for local agencies faced with such demands — part of the increasing trend toward whole-of-state cybersecurity protection.
The law also requires government employees throughout the state to undergo annual cybersecurity training, and mandates data protection systems for information systems maintained by the state government.
“My top priority as governor is the security and safety of all New Yorkers, and with this legislation we’re strengthening our ability to respond to and ultimately prevent cyber threats all across our state,” Hochul said in the statement. “As global conflicts escalate and cyber threats evolve, so must our response, and we are taking a whole of government approach in doing so.”
Meanwhile, the sense of urgency around cybersecurity keeps increasing — the latest example involves a federal government warning that Iranian hackers could strike the U.S.
The statement said that “state and local governments are on the front lines of a growing wave of cyberattacks that threaten essential services and public data.”
