Are You Up For The Challenge?
How would you feel if you were asked to certify your cybersecurity program? Could the Chairman of the Board of your company do the same?
New York State announced the first in the nation Cybersecurity regulation to protect consumers – http://www.dfs.ny.gov/about/press/pr1702161.htm
The regulation requires a signed certification by the Senior Official certifying compliance to the new regulation annually. The first certification is due February 15, 2018.
The stakes on cybersecurity assurance just got higher and New York is unlikely to be the only state to pass this kind of regulation. With the increasing frequency of hacks in the news, consumers are more exposed than ever. With a certification, companies will have increased liability. In the event of future breaches, companies who have certified will have to answer why they were comfortable signing the certification prior to the breach.
Companies with large information security investments will find it easier to meet the requirements, or already are meeting the requirements. Companies with smaller investments will find that they will need all the time they can get to remediate their environments.
Is your organization up for the challenge? How do you know that you can certify your program?
Here’s an outline of what you should be doing starting today:
- Assess your cybersecurity risk
- Develop your cybersecurity foundation
- Incorporate technical measures
- Develop organizational measures
- Prepare for a cyber attack
There are exceptions to the new regulation based on company size and other factors.
ERMProtect can put you to the challenge and help you get ready for what may become the most important certification in your organization. Please forward this to other companies that may need to comply with the New York State Cybersecurity regulations.
Turn your employees into a human firewall with our innovative Security Awareness Training.
Our e-learning modules take the boring out of security training.
Get a curated briefing of the week's biggest cyber news every Friday.