Blog

On Our Mind: Embracing Unpredictability

​​By Jim Lombardo, CPCU, AAI, AIM, MBA, AVP of Learning & Development​Life Is so unpredictable, I stopped trying to predict it a long time ago. When I made that decision, a wonderful thing happened- my stress level went down! Now, it didn’t go away completely, and I still prepare for what might happen, but I have learned not to get upset if things don’t always go my way.For example, I had a big meeting coming up with a new group of people whom I never met before- I was warned about their personalities, their quirks, their potential expectations- I spent hours researching and preparing and was…

Continue ReadingOn Our Mind: Embracing Unpredictability

A Message from the Big I NY Chair of the Board on the “NY-HERO Act”

​Earlier this week, I and members of the Big I NY board and staff joined employer groups from virtually every sector of the economy at a press conference to voice concerns with the “NY HERO Act", a bill mandating new workplace airborne infectious disease rules and regulations. The bill has now passed both the Senate and Assembly, and will soon head to the Governor's desk.The intent of this bill is noble – protecting workers from airborne diseases. But the reality for employers, particularly small businesses, is more crushing red tape, bureaucracy, and liability. Broadly speaking, the bill mandates the Department of Labor (DOL) to implement sweeping…

Continue ReadingA Message from the Big I NY Chair of the Board on the “NY-HERO Act”

Penetration Testing Not Required For Limited Exempt Agencies

​We want to reaffirm to those of you who have limited exemptions under the New York cybersecurity regulation that it does not require you to perform network penetration testing.Some members have reported to us emails sent by  a cybersecurity services vendor. These messages stated that the New York State Department of Financial Services (DFS) is requiring all entities covered under the regulation, Cybersecurity Requirements for Financial Services Companies​, to perform regular penetration testing of their computer networks. The vendor has said that DFS is requiring covered entitites to do this, regardless of their size. The regulation defines "covered entity" as "any individual or any non-governmental entity operating under or required…

Continue ReadingPenetration Testing Not Required For Limited Exempt Agencies