Senator Gonzalez’s Bill To Bolster Cybersecurity Passes New York State Senate

NEW YORK - Today, the Secure Our Data Act (S.5007), sponsored by Committee Chair Kristen Gonzalez (SD 59-D/WFP), passed the Senate Internet and Technology Committee. This legislation would prepare and protect New York state entities against ransomware attacks by:

  • requiring the Office of Information and Technology Services to develop data protection standards for state agencies; 
  • requiring state entities to engage in regular vulnerability testing of its information systems; 
  • requiring each state entity to create an inventory of its information systems; and 
  • requiring each state entity to develop an incident response plan for ransomware and other malware attacks. 

“The volume of cyberattacks shows that we are underprepared for online threats and must strengthen the systems that store our information,” said State Senator Kristen Gonzalez. "The New York State government has an immense amount of data on New York citizens. That information should not be vulnerable to breaches. New Yorkers should never have to fear that their personal information is at risk because they have interacted with a state agency. With the Secure Our Data Act, the state would be taking proactive steps to protect that information. I am glad that the Senate is taking the threat cyberattacks pose seriously, and I remain committed to protecting our data and ensuring our state has strong cybersecurity measures in place.” 

According to the National Association of State Chief Information Officers, there has been a “fivefold increase in phishing attacks in the last three years.” Similarly, since 2017, more than 3,600 local, state, and tribal governments across the country have been targeted by ransomware hackers.