weather icon Clear

Bill would require cybersecurity plans for Nevada infrastructure

Updated April 13, 2017 - 10:39 am

CARSON CITY — A proposal in the Nevada Legislature would require cybersecurity plans for all critical infrastructure in the state.

Senate Bill 395 would require a cybersecurity plan for public and private systems and facilities such as those for utilities and telecommunications.

Under the bill, owners of what the state deems critical infrastructure would need to disclose significant cybersecurity incidents to Nevada Commission on Homeland Security officials. The proposal comes amid an increased awareness of cyberthreats in Nevada and nationwide.

“This bill is really about starting the conversation to help us recognize cybersecurity risks,” a bill sponsor, state Sen. Pat Spearman, D-North Las Vegas, told the Senate Government Affairs Committee on Wednesday.

Reggie Richardson, president of the defense contractor Sapphire Innovative Solutions, presented the bill with Spearman.

“We can’t just walk away because I don’t think that’s the answer,” Richardson said.

The bill has safeguards intended to prevent the state from disclosing proprietary and confidential information about a critical infrastructure system. Nevertheless, telecommunication companies testified in opposition to the bill.

“As a company, we shouldn’t have to turn over our proprietary information to a third party we know nothing about,” said John Lopez, a lobbyist with Cox Communications.

He stressed the company takes privacy and cybersecurity seriously. He also suggested lawmakers look at a way to change the composition of the homeland security commission so it has a representative from the cable industry.

Randy Robison, a lobbyist with CenturyLink, raised concerns about a bill provision that allows the commission to issue a “public statement” if a critical infrastructure is at risk of a successful cyberattack. He said that puts a target on a system’s back.

“Let that sink in for a minute,” he said. “You can guess some of the security implications of that.”

Spearman has proposed an amendment to the bill intended to address some of those concerns. It makes all cybersecurity plans confidential. The initial form of the bill makes public summaries of plans.

The committee took no action on the bill Wednesday.

Contact Ben Botkin at bbotkin@reviewjournal.com or 775-461-0661. Follow @BenBotkin1 on Twitter.

Don't miss the big stories. Like us on Facebook.
Lawsuit challenges Nevada’s new diabetes drug disclosure law

Two pharmaceutical groups have filed a lawsuit in federal court challenging the constitutionality of a bill passed by the 2017 Nevada Legislature requiring disclosure of the pricing of diabetes drugs.

Nevada Legislature approves final payment for ESA software

The final action on Nevada’s controversial private school choice program came Thursday when the Legislature’s Interim Finance Committee approved $105,000 to pay off the remaining costs incurred by a vendor who was working on the development of software to implement the program.

Recall targets a third Nevada senator

A third recall petition against a female Nevada state senator was filed Wednesday.

Federal government approves Nevada’s education plan

Nevada is among four states to get U.S. Education Department approval of its plan as required under a new federal education law, the Every Student Succeeds Act, or ESSA.