Updates from the Resource Center for State Cybersecurity team, July 29, 2022
You’re Invited!
Join NGA for a webinar on Tuesday, August 16th at 3:30 P.M. EST on the topic of State Volunteer Incident Response Teams: Considerations for Implementation
Cybersecurity workforce shortages and strained SLTT government agencies have led some states to create teams of volunteers to strengthen cyber incident response activities and combat the threat. Expanding upon the conversations that took place during NGA’s National Summit on State Cybersecurity and the accompanying publication released in June, join us as we host representatives from Michigan, Wisconsin, and Ohio to present their lessons learned. We hope you will use this webinar as an opportunity to share ideas with colleagues from across the states and ask questions that may inform your state’s own plans to implement a similar model.
Contact Casey Dolen (cdolen@nga.org) for more information
Cybersecurity Resources
- Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet | Council on Foreign Relations Report
- FACT SHEET: National Cyber Workforce and Education Summit | The White House Briefing Room
- Zero Trust at Work: A New Baseline for Modern AppSec in Government Agencies | Invicti Security White Paper
State Cyber Watch
Governor Hochul Announces Launch of $30 Million Shared Services Program to Enhance Cyber Defenses in Counties Across the State | Office of Governor Kathy Hochul July 21, 2022
Governor Kathy Hochul unveiled New York’s $30 million shared services program designed to assist counties with cybersecurity, including tools to protect against ransomware attacks. The state also recently announced its Joint Security Operations Center in Brooklyn, which will serve as a cyber command center that houses cyber assets from multiple levels of government.
The Connecticut CyberHub Initiative | State of Connecticut Department of Administrative Services July 20, 2022
Endorsed by Governor Ned Lamont and stemming from a broader initiative through the NGA, the state of Connecticut has created its CyberHub, which fast-tracks the development of cyber skills through formal education and hands-on internship experience for students at all levels. Over the next 12 weeks, the state will be working to recruit and enroll at least 200 participants in this year’s cohort to address the cybersecurity talent shortage.
New Mexico’s new CIO says cybersecurity a focus amid state’s broadband rollout | StateScoop July 18, 2022
Last month, Governor Michelle Lujan Grisham appointed Peter Mantos as New Mexico’s chief information officer. Mantos is focused on broadband expansion and cybersecurity initiatives across the state, and is committed to fostering a “customer-centric government.”
Rhode Island sewer-system operator hit by cyber attack | The Providence Journal July 16, 2022
The Narragansett Bay Commission, which manages sewer systems in parts of Rhode Island, was hit by a ransomware attack. It was later revealed that the commission paid $250,000 to resolve the situation and bring its systems back online.
Louisiana CISO Changes Roles to Focus State Cyber Defenses | GovTech July 14, 2022
Dustin Glover, former chief information security officer of Louisiana, was named the state’s chief cyber officer this month. Concurrently, Louisiana is adding resources to its existing cyber infrastructure within the state police and adding 20 new dedicated cyber positions to the state’s military department.
Wolf OKs bill for PA National Guard to provide cybersecurity training to local governments | City & State Pennsylvania July 11, 2022
Among legislation signed into law along with the passage of Pennsylvania’s state budget, House Bill 2412 was signed into law, which authorizes the Governor to order the state’s National Guard to support SLTT government entities with cyber support, training, and more.
PR gov’t joins multi-state data-sharing entity to bolster cybersecurity | The San Juan Daily Star July 6, 2022
Earlier this month, Governor Pedro Pierluisi Urrutia announced Puerto Rico’s cybersecurity efforts in partnership with the Multi-State Information Sharing Analysis Center. This comes at a time when Puerto Rico is undertaking a series of initiatives aimed at strengthening its government agencies’ systems, signaling its broader commitment to cybersecurity.
Cyber incident reporting law takes effect in Virginia | StateScoop July 5, 2022
Senate Bill 764 — which was passed in Virginia with near-unanimous support — recently took effect, requiring the state’s agencies and local governments to report cybersecurity incidents within 24 hours of detection.
NGA Government Relations Updates
On Wednesday, July 13th, the Council of Governors, led by Minnesota Governor Tim Walz and Ohio Governor Mike DeWine, hosted its 25th Plenary Meeting in Portland, Maine with senior federal officials to discuss key issues on cybersecurity, National Guard, and homeland security. The Council’s Cybersecurity Work Group led by Louisiana Governor John Bel Edwards and Wyoming Governor Mark Gordon held a discussion with CISA Director Jen Easterly on opportunities to provide feedback on the Cyber Response and Recovery Fund, promoting a strong cyber workforce, updating the Council’s 2014 Joint Action Plan, developing and understanding the state and local cybersecurity grant landscape, evaluating cyber incident response authorities, and strengthening coordination efforts within the federal government.
On July 14th, the U.S. House of Representatives passed, 329-101, its version of the FY2023 National Defense Authorization Act to authorize $840.2 billion in national defense spending. The bill contained several cybersecurity related provisions important to state and local cybersecurity leaders, including new grant opportunities for cybersecurity training programs at elementary and secondary schools, enhancing SLTT resources to respond and prevent cybersecurity incidents, and opportunities to host cybersecurity competition aimed at developing and showcasing offensive and defensive cybersecurity skills.
Questions, comments, or feedback? Want your work featured in our newsletter? Contact Casey Dolen, Senior Cybersecurity Policy Analyst, at cdolen@nga.org