citymeetings.nyc

Your guide to NYC's public proceedings.

QUESTION

What is the process for responding to cybersecurity tips or incidents involving NYC assets or data?

0:32:10

·

35 sec

The Chief Information Security Officer explains the process for responding to cybersecurity tips or incidents involving NYC assets or data.

If a tip or incident involves NYC assets, data, or employee information, it is investigated to determine if it is a valid vulnerability or data disclosure.
There are procedures in place to analyze, investigate, and provide response and remediation actions if necessary.
The response process handles security incidents that can come in various forms.

Jennifer Gutiérrez

0:32:10

And what is the process there after after you receive a tip, let's say, from asking the commissioner online?

0:32:16

Like, like you mentioned.

Kelly Moan

0:32:18

So if there's an a nexus to city assets or city data of city employee information, right, we'll continue to invest gate to determine whether or not it is a valid either vulnerability or data disclosure.

0:32:34

Right?

0:32:34

So security incident can come in a number of different forms.

0:32:36

So we have procedures in place to essentially analyze, investigate, and then provide response and remediation actions should it be necessary.

← Previous Chapter

Is there an option to connect directly with the Office of Technology and Innovation (OTI) about a tip when calling 311?

Next Chapter →

What is the turnaround time for responding to messages sent to agency websites and how does New York City Cyber Command communicate with agencies during cybersecurity incidents?