Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dcontesti
Community Champion
‎01-16-2020 06:23 AM
‎01-16-2020 06:23 AM

New Privacy Law in New York

Just and FYI, a new blog post on the NY Shield Law was posted yesterday.  The article was put together by Paul Lanois, SSCP and Eric Tierling, CISSP.

 

https://blog.isc2.org/isc2_blog/2020/01/new-york-data-privacy-shield-act.html

 

Another set of laws, that affect just about everyone ;(

 

d

 

Labels
Reply
6 Replies
JKWiniger
Community Champion
‎01-16-2020 07:43 AM
‎01-16-2020 07:43 AM

To me, it seems like most of these new laws are just to get companies to start following best practices and other things they should have been doing all along.

 

John-

 

Ps, thank for the post, had not seen it...

Reply
dcontesti
Community Champion
‎01-16-2020 07:50 AM
‎01-16-2020 07:50 AM

@JKWiniger wrote:

To me, it seems like most of these new laws are just to get companies to start following best practices and other things they should have been doing all along.

 

John-

 

Ps, thank for the post, had not seen it...

I have to agree with you.....maybe an eye opener for those that control the purse strings.  

 

d

 

Reply
0 Kudos
MichaelG
Newcomer III
‎01-16-2020 10:26 AM
‎01-16-2020 10:26 AM

The SHIELD act eh? New York ran by Hydra?

Reply
0 Kudos
emb021
Advocate I
‎01-16-2020 12:00 PM
‎01-16-2020 12:00 PM

@JKWiniger wrote:

To me, it seems like most of these new laws are just to get companies to start following best practices and other things they should have been doing all along.

 

John-

 

Ps, thank for the post, had not seen it...

Uh, sadly.

 

Being a consultant it seems a lot of company only do what they should be doing if its forced on them by either their clients or regulations.

 

And then you have the ones who instead of doing a risk analysis (more time & $$$) to determine what they should do, instead want to do the bare minimum as forced by the clients/regulations.

 

Its the compliance vs security mindset.

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Reply
JKWiniger
Community Champion
‎01-16-2020 01:08 PM
‎01-16-2020 01:08 PM

I tried not to but I guess I have to return the joke...
Don't worry Fitz has it covered!
Reply
0 Kudos
JKWiniger
Community Champion
‎01-16-2020 01:11 PM
‎01-16-2020 01:11 PM

I have consulted for many years and it depends if they just have you come in to implement / fix something or if they have you come in to run things. I set the direction of how and where their IT was going and it allowed me to incorporate proper security right from the beginning.

John-
Reply
0 Kudos