Albany, NY - February 27, 2015 - Senator Ken LaValle reports that the Senate passed a series of bills to fight cyber terrorism yesterday. The State Senate passed four bills to crack down on cyber terrorism and its rapidly expanding threat to the state’s security and finances. The legislation would result in tougher penalties for cyber-related crimes, create cyber security programs to identify potential risks and threats, and require the state to perform a comprehensive review of all its cyber security measures every five years.
Senator LaValle said, “Data breaches have become more and more commonplace. These computer security breaches represent threats to our state and personal privacy of New York residents. The measures we passed would help protect the vital information of private citizens, and provide a framework to make New York State’s computer infrastructure the most secure in the nation.”
The Senate passed legislation (S3407) that would establish the New York State Cyber Security Initiative to ensure that the state has a proper cyber security defense system in place. It includes:
- The New York State Cyber Security Sharing and Threat Prevention Program to increase the state’s quality and readiness of cyber threat information that will be shared with the public and private sectors;
- A New York State Cyber Security Critical Infrastructure Risk Assessment Report to seek recommendations from experts to identify security threats facing the state, its businesses, and its citizens, as well as develop effective ways to combat these security threats; and
- The New York State Cyber Security Advisory Board, which assists the state in making recommendations and finding ways to protect its critical infrastructure and information systems, being codified into law.
Also approved by the Senate was a bill (S3404) that would create new penalties for cyber crimes. Under the measure, it would be a Class A felony for any person found guilty of intimidating, coercing, or affecting the public or a government entity by causing mass injury, damage, or debilitation of people or their property, including computers and related programs, data networks, or material. A new Class C felony would include anyone who uses a computer to cause serious financial harm affecting more than 10 people.
Senate bill (S3406) would make it a Class B felony for those who use a computer or device to carry out a cyber attack when such an attack causes financial harm in excess of $100,000 to another person, partnership, or corporation, individually or collectively.
The Senate also passed a measure (S3405) that would require the Division of Homeland Security and Emergency Services to work with the Superintendent of State Police, the Chief Information Officer, and the President of the Center for Internet Security to complete a comprehensive review of New York’s cyber security measures every five years, and create a sequential report to summarize its findings. The report would identify the state’s security needs and detail how those needs are being met to ensure that the best security practices are in place to protect New Yorkers from cyber terrorism.
The bills will be transferred to the Assembly for consideration.