Terakeet cuts 64 jobs from its outreach team

Get our email updates

Stay up-to-date on the companies, people and issues that impact businesses in Syracuse, Central New York and beyond.

SYRACUSE, N.Y. — Terakeet has eliminated 64 positions from its outreach team, the Syracuse–based search-engine technology company has confirmed to CNYBJ. “Following a significant analysis

Onondaga County hotel occupancy rose 7.5 percent in December

Construction, Design & Real Estate, Small Business, Sports, Entertainment & Tourism, Subscriber Only

SYRACUSE, N.Y. — Onondaga County hotels continued to see an increase in business activity in December compared to the year-earlier period, according to a new report. The hotel-occupancy rate (rooms sold as a percentage of rooms available) in the county climbed 7.5 percent to 44.3 percent in the final month of 2022, according to STR,

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Auburn’s Schweinfurth Art Center to use $10K grant for Quilters of Color initiative

Nonprofits, Sports, Entertainment & Tourism, Subscriber Only

AUBURN, N.Y. — Schweinfurth Art Center in Auburn recently announced that the National Endowment for the Arts (NEA) has approved it for a Challenge America award of $10,000. The grant funding will support the art center’s Quilters of Color initiative. The Schweinfurth’s Quilters of Color initiative includes several workshops, classes, and an exhibition opportunity for

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Mercy House of the Southern Tier receives $75K grant

Employee Benefits & Human Resources, Health Care, Nonprofits, Regional News, Subscriber Only

ENDICOTT, N.Y. — Mercy House of the Southern Tier was recently selected as a Mother Cabrini Health Foundation grantee for the third year, receiving $75,000 for a Mercy House admissions navigator. The grant allows the Endicott–based organization to continue its admissions program through meeting with palliative teams at hospitals and informational in-home visits. The money

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Bassett earns certification as a primary stroke center

Health Care, Nonprofits, Regional News, Subscriber Only

COOPERSTOWN, N.Y. — Bassett Medical Center earned The Joint Commission’s Gold Seal of Approval and the American Stroke Association’s Heart-Check mark for Primary Stroke Center Certification. The certification recognizes hospitals that meet standards to support critical elements to achieve long-term success in improving outcomes for stroke patients. To achieve the certification, Bassett underwent a rigorous,

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

VIEWPOINT: COVID-19 Legal Check-Up: Where Are We Now?

Business Mentors, Health Care, Subscriber Only

With the onset of the COVID-19 XBB.1.5 variant, more employees are in need of time off from work this winter to recover from unfortunate illness. Below is a quick update for employers on the current state of COVID-19 paid-leave laws available to employees: NYS COVID Paid Leave: Still in Effect. Enacted in March 2020, NY

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

NYS COVID Paid Leave: Still in Effect. Enacted in March 2020, NY COVID paid leave is codified into law, with no expiration date. Accordingly, employees are still entitled to up to three paid leaves if subject to a mandatory or precautionary order of isolation or quarantine issued by the New York State Department of Health (or any governmental entity similarly authorized). Length of leave depends on the employer’s size and income and for second and third leaves, a positive test must be accompanied by documentation from a licensed medical provider or testing facility. Employees would be paid at their regular rate of pay and other available paid leave may not be charged against this leave. However, employees are well enough to work from home, they would not be eligible for this leave. Notably, New York paid COVID leave works in concert with CDC guidelines, as New York State adopted these (see our recent blog post at: https://www.bsk.com/new-york-labor-and-employment-law-report/new-york-state-adopts-the-cdc-rsquo-s-covid-19-quarantine-and-isolation-guidance). Accordingly, someone who does not need to isolate under the latest CDC guidance is not entitled to this leave. More info is available in the state’s FAQ at: https://paidfamilyleave.ny.gov/new-york-paid-family-leave-covid-19-faqs.

NYS Paid Family Leave for a Minor Dependent Child due to COVID-19 Quarantine/Isolation: Still Available. The attestation form — available here: http://docs.paidfamilyleave.ny.gov/content/main/forms/PFLDocs/ccovid19.pdf — must be completed.

NYS COVID Vaccination Time: Still in Effect. Under NYS Labor Law § 196-c, employees are entitled to up to four hours of paid leave per COVID vaccination injection (unless entitled to more under a collective-bargaining agreement), boosters included. This leave was extended until Dec. 31, 2023.

NYS Paid Sick Leave for Recovery from Vaccine Side Effects: Still Available. Whether leave is paid or unpaid will depends on employer size and income. More information is available at: https://dol.ny.gov/system/files/documents/2021/09/psl-and-vaccine-recovery-guidance-9-22-21.pdf

Adam R. Mastroleo is a member (partner) at Bond, Schoeneck & King, PLLC in Syracuse. Contact him at amastroleo@bsk.com. Lisa R. Feldman is an associate in Bond’s New York City office. Contact her at lfeldman@bsk.com. This article is drawn and edited from the law firm’s website.

New state law seeks to boost energy grid’s cyber protections

Construction, Design & Real Estate, Energy, Environment & Sustainability, Manufacturing & Engineering, Subscriber Only, Technology

ALBANY — New state legislation signed into law in late December is aimed at increasing cybersecurity safeguards for New York’s energy grid. The legislation, which passed unanimously in both the state Assembly and state Senate, strengthens protections for the local power-distribution system and requires utilities to secure critical infrastructure against cyberattacks, the office of Gov.

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

ALBANY — New state legislation signed into law in late December is aimed at increasing cybersecurity safeguards for New York’s energy grid.

The legislation, which passed unanimously in both the state Assembly and state Senate, strengthens protections for the local power-distribution system and requires utilities to secure critical infrastructure against cyberattacks, the office of Gov. Kathy Hochul said in announcing the bill signing on Dec. 23.

The new law will require utilities to prepare for cyberattacks in their annual emergency response plans. That’s similar to what utilities do to prepare for storms, the governor’s office said.

The legislative provisions will also provide the state Public Service Commission enhanced auditing powers to ensure that critical infrastructure and customer data is secured.

New York State adopted the new law following federal guidance requesting that state’s set minimum cybersecurity requirements for critical infrastructure, including the energy system. In several cases over the past decade, cyberattacks have proven capable of shutting down electric grids, government officials say.

“Hackers continue to target our nation’s critical infrastructure and industrial control systems to threaten the services Americans rely on every day. It’s great to see New York take this important step to protect critical energy and gas infrastructure regulated at the state level,” Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), said in a statement. “CISA looks forward to continuing to partner closely with the State of New York to help ensure secure and resilient infrastructure.”

Timothy P. Cawley, chairman, president, and CEO of Consolidated Edison, Inc., added, “Cyberattacks are a growing threat to energy systems and energy providers across the country, which is why Con Edison takes so seriously our responsibility to protect critical infrastructure, information systems and customer data. We applaud our partners in government … for ensuring New York remains a national leader on an issue of critical importance.”

Hochul proposes more funding for state’s cybersecurity efforts

Law, Accounting & Taxes, New York News, Nonprofits, Subscriber Only, Technology

ALBANY, N.Y. — Efforts to support cybersecurity enhancements across New York state may get a funding boost in 2023. Gov. Kathy Hochul on Jan. 10 proposed $35.2 million in new funding as part of her State of the State address. The enhancements include the expansion of shared services to local governments that help identify security

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

ALBANY, N.Y. — Efforts to support cybersecurity enhancements across New York state may get a funding boost in 2023.

Gov. Kathy Hochul on Jan. 10 proposed $35.2 million in new funding as part of her State of the State address.

The enhancements include the expansion of shared services to local governments that help identify security gaps that could be “exploited by an adversary,” Hochul’s office said. The effort is building upon the legislation that Hochul recently signed to protect against cyberthreats to the state’s energy grid.

The New York State Division of Homeland Security and Emergency Services (DHSES) will also establish an industrial control system (ICS) assessment team to help protect critical infrastructure and manufacturing systems across the state and make those systems more resilient to cyberattacks.

“The frequency, magnitude, and impact of cyber-attacks have increased, but we will continue to take bold measures to secure and protect New York’s critical infrastructure,” Hochul contended. “The Industrial Control Systems assessment team, coupled with record investments, will support physical security and cybersecurity assessment programs to help facilities improve their cybersecurity posture, creating a safer and more secure Empire State.”

The $35.2 million increase would build upon Hochul’s nearly $62 million cybersecurity spending in the fiscal year (FY) 2023 budget, her office noted.

New York’s finance, energy, transportation, health care, semiconductor, and other industry sectors makes the state “a target” for cyberattacks and other cyber threats, and the “frequency, magnitude, and impact of these events continue to increase,” the governor notes. Ransomware attacks — in which hackers hold data and systems hostage — rose 13 percent nationwide in 2021. Since 2017, more than 3,600 state, local, and tribal governments across the country have been attacked, Hochul’s office said.

The DHSES’ Office of Counterterrorism will create the industrial control systems (ICS) assessment team to better protect residents from cyberattacks and their effects. Working with the agency’s physical security and cybersecurity-assessment programs, the team will help energy, transportation, manufacturing, and other infrastructure systems to “improve their overall security posture” and make their industrial control systems more resilient to cyberattacks.

“As the threats to our digital infrastructure continue to evolve and grow in sophistication, it is more important than ever that we invest in the resources to protect New Yorkers from cyber threats,” Colin Ahern, New York’s chief cyber officer, said.

The proposed funding will also support the provision of cybersecurity services to county and local governments in FY 2024 and beyond, building upon the creation of the first New York State Joint Security Operations Center (JSOC).

These shared services help county and local governments assess and remedy gaps in their cyber defenses. The shared services complement the state’s ongoing efforts to build a “common picture” of cyber threats shared by cybersecurity teams from federal, state, city and county governments; publicly and privately owned critical infrastructure; and state agencies including the Division of Homeland Security and Emergency Services, Office of Information Technology Services, New York State Police, and others, Hochul’s office said.

“These historic investments in cybersecurity advanced by Governor Hochul will build on the progress we made in the last year establishing JSOC and implementing effective endpoint detection technology for awareness and action, and is consistent with our whole of state approach, where the state and local governments face down these challenges together,” New York State Chief Information Officer Angelo (Tony) Riddick said.

VIEWPOINT: Health Care and Cybersecurity CIRCIA’s Potential Effect on Health-Care Entities

Business Mentors, Health Care, Subscriber Only, Technology

Welcome to 2023. As in 2022, we are likely to see continuing escalation of cyber-intrusion threats to health-care entities and their data. Health-care data breach already is far from a trivial matter. According to one expert, there have been more than 4,400 breaches during the span of 2009 to 2021 — involving 500 or more

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Welcome to 2023. As in 2022, we are likely to see continuing escalation of cyber-intrusion threats to health-care entities and their data.

Health-care data breach already is far from a trivial matter. According to one expert, there have been more than 4,400 breaches during the span of 2009 to 2021 — involving 500 or more records and the disclosure of health-care records topping 300 million in number.

At Bond, we will be tracking how our federal cybersecurity structure changes and adapts to these increased risks, what that means for health-care providers and the regulations that apply to them, and how these changes aim to protect health-care data integrity.

In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which requires the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments to CISA. Covered entities under CIRCIA include some health-care organizations . As part of its rulemaking process, CISA issued a request for information last fall intended to inform its development of regulations that fundamentally may change the regulatory landscape. Review of the request for information is underway — and the implications of the results could be vast.

At a high level, CIRCIA ups the ante by indicating companies operating in the health-care space and in other “critical infrastructure” sectors report cyber incidents within 72 hours — and ransomware payments within 24 hours. In addition, by CIRCIA giving CISA the authority to develop those regulations, CISA may potentially include further compliance requirements beyond what is currently required of health-care entities. This important rulemaking development will continue throughout 2023, but it will not be implemented until after CISA’s rulemaking becomes final.

How does CIRCIA mesh with HIPAA and the various reporting requirements within that law? For instance, although CIRCIA seems to provide some allowance for avoidance of duplicative reporting if there already is a functionally similar reporting requirement in place (e.g., HIPAA), it may end up that the existing reporting requirements under HIPAA, (e.g., concerning breach notification, as enforced by the HHS Office for Civil Rights), will fall below the bar and CIRCIA will require more. CISA will have a lot of say on that, and this is the first major rulemaking that this relatively new agency is taking on.

The public comments that were submitted on CIRCIA by health-care entities are particularly telling. Organizations spell out concerns about duplication and unnecessary confusion — a number stressed the importance of cleanly implementing the CIRCIA provision that precludes CISA from requiring duplicative reporting (see CIRCIA at Section 2242(a)(5)(B)). Others emphasized that required reporting only should comprise data absolutely necessary for governmental operations, so as to protect data integrity wherever possible and to, where necessary, allow ongoing “ransom” negotiations to continue out of the limelight when that benefits data-retrieval efforts.

As CISA develops CIRCIA regulations during 2023, Bond will be watching closely. In the meantime, we encourage readers to avail themselves of useful health-care cybersecurity resources, including those of the “405(d)” task group (of which this author is a member). And for those readers in New York state, the New York Healthcare Cyber Alliance (which this author co-chairs) continues its work of linking health-care delivery organizations to the resources that can improve their cyber posture.

Gabriel S. Oberfield, Esq., M.S.J. is a senior counsel in the New York City office of Syracuse–based Bond, Schoeneck & King, PLLC. As an experienced health-care attorney with health-care management expertise, Oberfield guides C-suite leaders on matters ranging from regulatory and legislative affairs to strategic planning, as well as legal issues affecting their organizations. This article is drawn and edited from the law firm’s Cybersecurity and Data Privacy Information Memo.

Dannible senior audit manager earns information systems auditor credential

Employee Benefits & Human Resources, Law, Accounting & Taxes, People on the Move, Subscriber Only, Technology

SYRACUSE, N.Y. — Dannible & McKee, LLP — a certified public accounting and consulting firm with offices in Syracuse, Auburn, Binghamton, and Schenectady — recently announced that Kevin M. Didio, CPA has earned the certified information systems auditor (CISA) credential from the Information Systems Audit and Control Association (ISACA). The CISA certification is a globally

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

The CISA certification is a globally recognized standard for information-systems audit control, assurance, and security professionals. The designation showcases an individual’s audit experience, skills and knowledge, and demonstrates expertise in assessing vulnerabilities, reporting on compliance, and instituting controls in an enterprise environment, according to a Dannible & McKee release. To receive a CISA certification, candidates must pass a comprehensive exam and satisfy industry work-experience requirements.

Didio, a senior audit manager at Dannible & McKee, has more than 10 years of experience in accounting, assurance, and advisory experience — providing services to both private and publicly held domestic and foreign companies. He is responsible for planning and managing multiple engagement teams through the performance of audits, reviews, and compilations for the firm’s clients. With his CISA certification, Didio will focus on strengthening internal controls for clients in a variety of industries and implementing comprehensive risk management across their full technology infrastructure, Dannible & McKee said.

Didio graduated from Ithaca College in 2011 with a bachelor’s degree in accounting. He earned a master’s degree in professional accounting from Syracuse University in 2012.

Founded in 1969, the nonprofit, independent ISACA advocates for professionals involved in information security, assurance, risk management, and governance. The association has 225 chapters worldwide.

Dannible & McKee offers audit, tax, accounting, and financial management advisory services to clients nationwide. The firm says it focuses on major industry lines and specializes in multi-state taxation review, business valuation, litigation support, and fraud prevention and detection.

Get our email updates

Stay up-to-date on the companies, people and issues that impact businesses in Syracuse, Central New York and beyond.

Get our email updates

What's New

Upcoming Events

CNYSME Networking Happy Hour

2025 Engaging Electeds: Summer Soiree

2025 GOFCC Summer Celebration & BBQ

CNYBJ Job Board

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get our email updates