IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

New York ITS to Notify Agencies of Breaches Within 24 hours

The effort comes from a recently enacted bill requiring the Office of Information Technology Services to notify state agencies of any data breaches and plans to remediate cyber attacks within 24 hours of discovery.

Security,Access,Alert,Message,Over,Holographic,Cyber,City,And,Buildings.
Shutterstock
New York state agencies will now be notified by the Office of Information Technology Services (ITS) within 24 hours of any cybersecurity-related events under the terms of a recently enacted bill.

According to a spokesperson from bill sponsor Sen. Liz Krueger’s office, the State Comptroller’s Office drafted the legislation after the Office of Information Technology Services discovered a data breach in January 2020.

At the time, the spokesperson said, those affected by the breach were not notified until months after the issue was made public in a Wall Street Journal article.

As a result, the legislation was drafted to ensure that ITS was not only responsible for informing impacted agencies about a breach, but would also be required to share plans to remediate the issue and prevent future breaches.

“We believe that the bill as amended strikes a proper balance between ensuring the timely sharing of information with state agencies and allowing ITS and others to quickly and aggressively respond in the event a breach should occur,” state CIO Angelo Riddick said via email.

“At ITS,” he continued, “We take every threat seriously and utilize endpoint detection and other measures to perform 24/7 global monitoring of the state’s network and communicate with agencies about cyber issues on a regular basis.”

As a result, he added, ITS strongly supports the efforts of the governor and members of the Legislature to shine a light on how important cybersecurity is to the overall health of New York state, especially in light of the increase in potential threats that information security is now seeing.

The bill is currently in effect, with ITS adopting its procedures accordingly.
Katya Maruri is a staff writer for Government Technology. She has a bachelor’s degree in journalism and a master’s degree in global strategic communications from Florida International University.