Requiring an electronic system penetration testing protocol and security briefings and reports.

A Local Law to amend the administrative code of the city of New York, in relation to requiring an electronic system penetration testing protocol and security briefings and reports

This bill would require the Chief Information Security Officer (“CISO”) to implement a penetration testing protocol for the City’s electronic systems and provide the Mayor and the Speaker with information immediately following an electronic systems security breach. This bill would also require the CISO to prepare an annual report describing the implementation of the penetration testing protocol, security breaches in the previous year, and recommendations for the improvement of existing security practices.