Albany, NY - State Assemblyman Steve Otis (91^st AD) and State Senator Kristen Gonzalez (59^th SD) announced that Governor Kathy Hochul has signed their legislation, A7364/S7414, to provide additional cyber security protection to critical infrastructure facilities related to energy generation and transmission, storage of hazardous substances, and pipeline and transmission facilities related to commercial aviation, petroleum and natural gas fuel.

Cyber security vulnerabilities represent a significant risk to the security of energy infrastructure facilities. The legislation builds on legislation passed last year, which expanded our defense against cyber-attack of critical energy facilities. (Chapter 743 of the laws of 2022)

The new measure upgrades the 2022 cyber security law by covering energy infrastructure not previously specified for expanded cybersecurity review. The legislation was the proposal of the Assembly Science and Technology Committee and the Senate Internet and Technology Committee, which are chaired Assemblyman Otis and Senator Gonzalez in their respective houses.

The clarification provided in this legislation will support the important mission of the Division of Homeland Security and Emergency Services and their cyber security review responsibilities is consistent with Chapter 743.

Assemblyman Steve Otis said, “Governor Hochul has made upgrading New York State’s cybersecurity capabilities a major priority through a series of new initiatives, units, and interagency collaborations announced over the past two years. We thank her and her team for working with us on this legislation to make sure that the Division of Homeland Security review of critical energy infrastructure includes the key facilities outlined in this legislation.”

Senator Kristen Gonzalez said, “Cyberattacks are only increasing and working-class New Yorkers stand to be the most impacted by disruptions to power grids, healthcare services, and more if we do not secure our critical infrastructure. That's why we're working with our colleagues and Governor Hochul to build a New York where working-class New Yorkers are protected from bad faith actors who are using emerging, unregulated technologies to find vulnerabilities in our systems.”

The 2022 legislation established a comprehensive framework for the Division of Homeland Security and Emergency Services and other state agencies to assess and review the vulnerabilities of critical infrastructure to cyberattacks and provided for expanded reporting, audit, monitoring and security protocols for a variety of energy infrastructure facilities.

The new legislation specifies that the energy generation and transmission, storage of hazardous substances, and pipeline and transmission facilities related to commercial aviation, petroleum, and natural gas fuel fall under the review authority of the Division of Homeland Security and Emergency Services. Governor Hochul signed the legislation as Chapter 417 of the Laws of 2023 on September 15^th.