QUESTION
What is the process for responding to cybersecurity tips or incidents involving NYC assets or data?
0:32:10
·
35 sec
The Chief Information Security Officer explains the process for responding to cybersecurity tips or incidents involving NYC assets or data.
- If a tip or incident involves NYC assets, data, or employee information, it is investigated to determine if it is a valid vulnerability or data disclosure.
- There are procedures in place to analyze, investigate, and provide response and remediation actions if necessary.
- The response process handles security incidents that can come in various forms.
Jennifer GutiƩrrez
0:32:10
And what is the process there after after you receive a tip, let's say, from asking the commissioner online?
0:32:16
Like, like you mentioned.
Kelly Moan
0:32:18
So if there's an a nexus to city assets or city data of city employee information, right, we'll continue to invest gate to determine whether or not it is a valid either vulnerability or data disclosure.
0:32:34
Right?
0:32:34
So security incident can come in a number of different forms.
0:32:36
So we have procedures in place to essentially analyze, investigate, and then provide response and remediation actions should it be necessary.
← Previous Chapter
Is there an option to connect directly with the Office of Technology and Innovation (OTI) about a tip when calling 311?
Next Chapter →
What is the turnaround time for responding to messages sent to agency websites and how does New York City Cyber Command communicate with agencies during cybersecurity incidents?
