Current through Register Vol. 46, No. 43, October 23, 2024
Section 6220.2 - Cyber Security Program(a) Each Board of Elections shall establish a cyber security program that includes all of the elements required under section 6220.3 of this part to ensure the protection and safety of all systems and machines that access, store, process, and transmit election data, other than voting systems which already have security protocols pursuant to section 6210.11 of this part.(b) Each Board of Elections shall certify compliance of its cyber security program to the State Board of Elections annually but no later than August 1st in any given year.(c) Such certification shall include a statement stating that it has successfully established each element outlined in section 6220.3 of this part, or, in the alternative, submit a plan for compliance to the State Board of Elections that includes a target completion date for any outstanding elements.(d) Each Board of Elections must designate two, bi-partisan Elections System Security Officers (ESSOs) to the Secure Elections Center in a letter to the CoExecutive Directors of the State Board of Elections signed by both County Commissioners, who are: (1) responsible for the establishment of the cyber security program.(2) designated as the points of contact with regard to the board of elections cyber security program, and in addition but not limited to, emergency response, incident communications, and recovery of election operations.(e) Each Board of Elections must have an agreement in place with its Information Technology Director, the head of the county Information Technology Department or a contracted Managed Services Provider to facilitate implementation of this cyber regulation.N.Y. Comp. Codes R. & Regs. Tit. 9 § 6220.2
Adopted New York State Register August 18, 2021/Volume XLIII, Issue 33, eff. 8/18/2021