Governor Andrew M. Cuomo today announced leading experts in cyber security joined his Cyber Security Advisory Board, further protecting New York ahead of the critical 2020 elections. In addition, Governor Cuomo directed the Board to assess the threats to the security and integrity of our elections and recommend steps to bolster election security.
"We must face our new reality: election tampering is now one of the biggest threats to our democracy," Governor Cuomo said. "In the absence of federal leadership, it is more vital now than ever that New York leads in election security. I welcome these new board members who will strengthen existing cyber security protections and help maintain integrity in New York's electoral process."
Governor Cuomo created the Cyber Security Advisory Board in 2013 to ensure the State maintains a cutting-edge strategy to keep New Yorkers safe from cyber threats. The Board is comprised of world-renowned cyber security experts who advise the administration and make recommendations for protecting the state's critical infrastructure and information systems. New appointments to the board include world class experts in cyber security and electoral security.
These additional recommendations will build on the Governor's successful enhancement of election infrastructure in 2018 and 2019. The previous measures include an Intrusion Detection System and Managed Security Services that are now in place protecting County Boards of Election and other county information systems, comprehensive risk assessments by the State Board of Elections, and $5 million for cybersecurity improvements. Additionally, the DHSES Cyber Incident Response Team and the State Board's Secure Election Center are providing individualized assistance to counties to help secure their systems and assist with response when incidents occur.
Given the continued threat of foreign interference, the Governor is again directing the Advisory Board to review New York's current cybersecurity programs and offices and make recommendations that will improve New York's security and resiliency.
The Board is led by Co-Chairs Linda Lacewell, Superintendent of the New York Department of Financial Services; Jeremy Shockett, New York Deputy Secretary for Public Safety; and William Pelgrin, CEO and co-founder, CyberWA, Inc. The new board members are:
- Luke Dembosky: Mr. Dembosky is a partner at the law firm of Debevoise Plimpton, where he is Co-Chair of the firm's Cybersecurity & Data Privacy practice and a member of the White Collar & Regulatory Defense Group. Mr. Dembosky previously served as a federal prosecutor, most recently as the Deputy Assistant Attorney General for National Security at the U.S. Department of Justice where he oversaw all national security cyber cases.
- Eric Friedberg: Mr. Friedberg has 30 years of public and private sector experience in law, cyber incident response, cyber-governance, IT security, forensics, investigations, and e-discovery. He is Co-President of Stroz Friedberg, a cyber consultancy and technical services firm acquired by Aon in 2016, and of Aon's Cyber Solutions, its cyber risk management division.
- Justin Herring: Mr. Herring is the Executive Deputy Superintendent for the Cybersecurity Division at the New York Department of Financial Services, where he oversees the Department's cybersecurity regulation for the financial industry. He previously served as a senior cybercrimes prosecutor with the Department of Justice.
- Erez Liebermann: Mr. Liebermann served for a decade as prosecutor at the Department of Justice, where he led the prosecutions of cyber and white-collar criminals. He is now Chief Counsel, Cybersecurity and Privacy; and Vice President, Regulatory Law, at Prudential Financial. There he built one of the first cybersecurity and privacy legal teams in a Fortune 500 company and oversees cyber investigations. He was an aerospace engineer prior to law school.
- Debora Plunkett: Ms. Plunkett served for decades at the National Security Agency (NSA), where she was Senior Advisor to the Director of the NSA and Director of Information Assurance. She is Principal of Plunkett Associates, a cybersecurity consulting business. Since 2016, Ms. Plunkett has been a Senior Fellow in the Digital Democracy Project, launched by the Belfer Center for Science and International Affairs at Harvard's Kennedy School of Government, providing security advice to campaigns.
Governor Cuomo has taken other significant steps to protect the sensitive information of New Yorkers. In July, he signed into law the Stop Hacks and Improve Electronic Data Security - or SHIELD - Act to protect New Yorkers against security breaches. The Act imposes stronger obligations on businesses handling private data to provide proper notification to affected consumers when there is a security breach. The Governor also signed legislation requiring consumer credit reporting agencies to offer identity theft prevention and mitigation services to consumers who have been affected by a security breach of the agency's system.
In May, the New York State Department of Financial Services became the first banking or insurance regulator in the nation to establish a Cybersecurity Division to protect consumers and industries from cyber threats. In February 2017, Governor Cuomo announced that DFS had promulgated the nation's first cybersecurity regulation to protect New York's financial services industry and consumers from the ever-growing threat of cyberattacks. DFS's regulations are now fully in effect for the financial industry, and served as a model for other regulators' cybersecurity regulations - such as the National Association of Insurance Commissioner's Data Security Model Law and the Federal Trade Commission's proposed amendments to the Safeguards Rule.