Looking Inside New York State's Cyber Security Strategy


The Smart City Event is happening in about a month, and The Smart City Sentinel has been speaking with our speakers to get a bit of a preview of what attendees should expect from the conference.

Here, we spoke to Frank Bradshaw, CEO, Ho'ike Technologies, who will be a featured speaker in the following session:

Follow the Money: NY State Cyber Security Strategy: Implementing a no back door strategy, NY State has taken a bold stance on Cyber Security. 23 NYCRR 500 is the Cybersecurity rule for organizations under the watch of NY State's Department of Financial Services (DFS). Commonly called the NYS DFS Cybersecurity Act, it requires all organizations under the DFS umbrella (with a few exceptions) to have a sound, robust and auditable Cybersecurity program in place. Failure to meet the requirements could result in the organization being shut down.

Bradshaw began a career in IT by volunteering to lead a group to wire his dorm to being a technical trainer specializing in Lotus Notes and Cybersecurity. 10 years of being a CISSP Master trainer has given him an opportunity to have a hand in the growth of cybersecurity professionals. After many years of working in everything from startups to Fortune 500 companies, Frank Bradshaw now owns and runs Hoike Technologies, a cybersecurity managed services company that specializes in providing SMBs the same level of protection that Fortune 500 companies enjoy, at a price they can afford.

Here is a little preview of his thoughts:

Smart City Sentinel: What will be some key points you plan to hit in your session?
Frank Bradshaw: Several years ago, California passed the first breach notification law. It required a business to notify any California resident if their personal information may have been compromised. Now all 50 states and several territories all have breach notification laws on the books.

NY State is the first state to require certain businesses to have cybersecurity/information security programs in place. This is a game changer because once one state implements something of this magnitude and if it is successful, you will see many other states following suit. This could become the template for federal cybersecurity program standards. After Atlanta mishandled their recent ransomware attack, there is already talk of state legislatures requiring cybersecurity program for local municipalities.

SCS: What new insights can attendees expect to take home from your session?
FB: To understand what a cybersecurity program is, the many moving parts and how it benefits a municipality in the long run.

SCS: Can you identify a few important trends influencing your sector of the IoT which will shape the path of the industry? Why these?
Every day, hackers are exploiting IoT devices because the vast majority of them are unmonitored for malicious activity. In the last year, there was a report of a casino that had their internal network breached through an internet connected thermometer in an aquarium. The hackers gained access to the network through the thermometer. Once on the network, found a database of big spending patrons, and then extracted that database back out through the thermometer and into the cloud.

We have to make proactive steps to get control of IoT devices and to adequately monitor them, as well as segment them into their own network.

Why is this important? As billions of devices go online every day and connect to the internet, hackers know IoT devices are easy targets. Proactivity in securing them must be a top priority.

SCS: What are the biggest challenges facing the IoT? What are some important tools needed to overcome them?
From a cybersecurity perspective, what concerns us most is the ease in which an IoT device can be brought online.

With past clients, we have created policies for the proper review and deployment of all devices on the network.

Without those policies in place, anyone can plug anything into the network, without a proper security review.

That review is what stands between a secure network and a breached one.

SCS: Which vertical markets have the most to gain from IoT implementation? Which are leading and which are still behind the adoption curve?
Obviously, device manufacturers as well as importers. Thanks to Alibaba, there are a lot of IoT devices that can be branded.

SCS: What sessions (other than yours) are you most looking forward to attending at the Expo? Why?
Smart City Leverage – I think it’s fascinating to use infrastructure that already exists (including supplied electricity) for things like public Wi-Fi…even WIFI for a fee for non-residents.

Smart City: Enabling IoT Security and the Chain of Trust. This piggybacks with my discussion. You either enable this voluntarily or eventually it will become involuntary via law

As we are seeing, many municipalities are trying to use technology to allow them to engage more of their constituent. This comes at a price. Unfortunately, many undervalue security as a necessity and over look it….until it’s too late.

Register now to receive a $300 discount.

Ken Briodagh is a writer and editor with more than a decade of experience under his belt. He is in love with technology and if he had his druthers would beta test everything from shoe phones to flying cars.

Edited by Ken Briodagh

Editorial Director

Related Articles

Requirements for the New Era of IoT Security

By: Special Guest    11/20/2020

IoT security must be powerful enough to protect global enterprises and carrier networks, yet light enough to be embedded on an IC. Only approaches tha…

Read More

Internet of Things Cybersecurity Improvement Act Waiting on White House Approval

By: Maurice Nagle    11/20/2020

This week, the Senate approved the Internet of Things Cybersecurity Improvement Act (H.R. 1668) in unanimous fashion. The House passed the measure in …

Read More

Kinexon Collects Funding for Innovation in AI, Analytics & Assist the COVID Fight

By: Maurice Nagle    11/17/2020

Munich-based IoT outfit Kinexon announced a 15 million Euro venture debt loan from the European Investment Bank (EIB). The IoT firm develops hardware …

Read More

eSIM: The Future of Cellular IoT Connectivity

By: Special Guest    11/12/2020

One especially critical IoT decision concerns connectivity. Secure and reliable connectivity and data transfer is critical to the IoT ecosystem. If it…

Read More

Will Mid-Tech Products Drive IoT Innovation in 2021? This CEO Thinks So

By: Arti Loftus    11/12/2020

As we head into the New Year, it is that time of year for planning and predictions, and this year, creating strategies in the midst of what could be a…

Read More