New New York regulations will drive cybersecurity advances
New regulations on cybersecurity have been published by the New York State Department of Financial Services. 23 NYCRR Part 500 will have a major impact on American business, as it imposes serious requirements and mandates on all financial services companies doing business in New York State, which of course are almost all of them. A good article on the topic is at https://digitalguardian.com/blog/what-nydfs-cybersecurity-regulation-new-cybersecurity-compliance-requirement-financial. Significant requirements include:
- Policy & Program: Covered entities must establish and maintain a documented cybersecurity policy, and adopt a robust cybersecurity program, by August 28, 2017.
- CISO: Designate a qualified Chief Information Security Officer (CISO) to oversee and implement the cybersecurity program and enforce policy.
- Annual reporting: The CISO must submit a written report annually to the Board of Directors and an annual compliance certification to the Department of Financial Services.
- Data encryption: Organizations must enact controls, including encryption of sensitive data, depending on the outcome of a risk assessment.
- Continuous monitoring: Covered entities must continuously monitor cybersecurity functionality OR conduct annual penetration testing and bi-annual assessments.
- Enhanced multi-factor authentication: Covered institutions must employ multi-factor authentication for all inbound connections to the entity’s network.
- Incident reporting: Covered entities must document and report all cybersecurity events.