As the National Governors Association summer meeting convened in Providence this month, more than 30 governors from around the country—joined by Canadian Prime Minister Justin Trudeau and U.S. Vice President Mike Pence—placed special attention on one issue in particular: cybersecurity. That can't be a surprise to anyone. We now know that data theft played a role in the 2016 Presidential election. We also know that nearly two-thirds of federal agencies have suffered a data breach, while more than 95 percent of federal agencies consider themselves vulnerable to a breach, according to a report from the cybersecurity firm Thales. And of course, we know that cybersecurity incidents are having a major impact on commerce. Cybersecurity practices are doing a booming business counseling victims of data breaches, when they aren't being targeted themselves—something DLA Piper experienced in late June, when a cyberattack shut down the firm's phones and email for days.

The problem is everywhere, and there's no doubt that many of the governors in Providence are searching for solutions to it. As they do, they might consider the example of New York, which introduced groundbreaking cybersecurity rules in 2017 and is openly calling on other states to follow its lead. The New York regulatory framework offers a viable model for other jurisdictions to adopt, particularly as global cyberattacks make cyber defense an urgent matter.

New York's cybersecurity regulations are the first of their kind. Implemented earlier this year by the state's Department of Financial Services, they apply only to insurers and certain financial institutions—businesses that, due to the sensitive nature of customer data they maintain, have much at risk in any data breach. One of the regulations' major provisions is a mandate that the banks and insurers subject to them appoint a Chief Information Security Officer by August 2017. In addition, they require periodic risk assessments and the maintenance of cybersecurity programs, as well as requiring entities to: