And So, It Grows
First, it was a widespread, if not generic, notion – you need to protect your personal information. Then we began to call it cybersecurity, and it was applicable to your business as well. It was still a concept that blanketed data generically – the overall message was that you need to protect all of the data. Change passwords, use firewalls. Do you have an anti-virus installed?
Then we started to see different states identify regulations for putting cybersecurity standards in place. HIPAA addresses security on a federal level to a degree, but not enough and not with complete coverage, as we are seeing with the various breaches that occur in the healthcare industry.
Now we’re addressing it in a more targeted and specific manner, addressing verticals within the business markets. Recently the state of NY created a cybersecurity division that is tasked with protecting consumer and industries from cyber threats. It is said to be the first of its kind for a banking or insurance regulator. With increasing threats to the financial services industry, the creation of this department and subsequent leadership role of Justin Herring were a necessity.
Herring will be tasked with enforcing DFS cybersecurity regulations, acting in an advisory role, providing guidance, and conducting investigations. His department will also act in a preventative role by informing the public and coordinating existing content and information about cybersecurity.
This initiative comes to New York just two years after Governor Cuomo established a cybersecurity regulation that sets requirements for security to protect the financial and consumer industry.