Senator Mike Nozzolio announced that the New York State Senate enacted four measures to crack down on cyber terrorism and its rapidly expanding threat to the state's security and finances. The legislation would enact tougher penalties for cyber-related crimes, create cyber security programs to identify potential risks and threats, and require the state to perform a comprehensive review of all its cyber security measures every five years.

"Cyber-terrorism continues to be one of the most serious threats to our national security and our personal privacy, and I am proud to work with my colleagues to address this vitally important issue," said Nozzolio. "These measures enacted in the Senate will enhance New York State's cyber-security and help protect our citizen's personal information, while strengthening penalties for those found guilty of cyber crimes."

The Senate passed legislation, S3407, that would establish the New York State Cyber Security Initiative to ensure that the state has a proper cyber security defense system in place. Specifically this measures includes:

The New York State Cyber Security Sharing and Threat Prevention Program:  Increases the state's quality and readiness of cyber threat information that will be shared with the public and private sectors;

New York State Cyber Security Critical Infrastructure Risk Assessment Report:  Seeks recommendations from experts to identify security threats facing the state, its businesses, and its citizens, as well as develop effective ways to combat these security threats; and

The New York State Cyber Security Advisory Board: Assists the state in making recommendations and finding ways to protect its critical infrastructure and information systems, being codified into law.

Also approved by the Senate this week was S3404 that would create new penalties for cyber crimes. Under this measure, it would be a Class A felony for any person found guilty of intimidating, coercing, or affecting the public or a government entity by causing mass injury, damage, or debilitation of people or their property, including computers and related programs, data networks, or material. A new Class C felony would include anyone who uses a computer to cause serious financial harm affecting more than 10 people.

Additional legislation, S3406, would make it a Class B felony for those who use a computer or device to carry out a cyber attack when such an attack causes financial harm in excess of $100,000 to another person, partnership, or corporation, individually or collectively.

The Senate also enacted a measure, S3405, that would require the Division of Homeland Security and Emergency Services to work with the Superintendent of State Police, the Chief Information Officer, and the President of the Center for Internet Security to complete a comprehensive review of New York's cyber security measures every five years, and create a sequential report to summarize its findings. The report would identify the state's security needs and detail how those needs are being met to ensure that the best security practices are in place to protect New Yorkers from cyber terrorism.

The bills were sent to the Assembly.

v11i9