CARSON CITY — Guarding against cyber attacks is the next frontier for Nevada’s homeland security operation.
Gov. Brian Sandoval has a cybersecurity proposal that would create the state’s first Cyber Defense Center to address threats, a recognition of the growing threat of cyber attacks and hackers.
Sandoval said during his State of the State address last month the center “will help Nevada detect, prevent and respond to cyber attacks.”
It’s a project with $3.5 million in new funding for the next two years, an estimated $2.6 million of it for data security upgrades. The total also factors in four new staff.
The Legislature’s money committees will hear the proposal on Thursday. The measure reflects the state’s ongoing work in cybersecurity and a growing national trend of states safeguarding against cyber attacks.
The Nevada Commission on Homeland Security, which Sandoval chairs, has made cybersecurity a high-level area of focus in recent years. The commission’s cybersecurity subcommittee vets cybersecurity projects, including those for grant applications.
“They have consistently set cybersecurity as the top priority,” said Caleb Cage, chief and homeland security advisor for the Department of Public Safety’s Division of Emergency Management.
Nevada’s medical marijuana program database had a breach in December that leaked the personal information of thousands of people who had applied for a dispensary license or employees of dispensaries. That information included Social Security numbers, birthdates, addresses and driver’s license information.
Nevada’s work on cybersecurity policy started well before Sandoval’s State of the State address. Last year, Nevada was one of five states selected by the National Governors Association to develop cybersecurity strategies through to a “policy academy” that connected the state to experts and other resources.
“I think increasingly we’re seeing states recognize that cybersecurity is a business risk for state government,” said Timothy Blute, program director for the NGA’s homeland security and public safety division.
In 2016, legislatures in 28 states considered different cybersecurity measures encompassing issues like security practices in government agencies, confidentiality of information, and cyber crimes, according to a report by the National Conference of State Legislatures. Fifteen of those states passed laws.
California, for example, passed a law requiring the state to develop an emergency services response plan for cyber attacks on infrastructure.
Trends among state agencies include more staff training and stronger authentication procedures, including for state residents accessing multiple services, said Kristin Judge, director of special projects and government affairs for the National Cyber Security Alliance, a nonprofit organization that educates elected officials and others about the issue.
Vulnerabilities are spread pretty evenly among state government and the private sector, she said.
“It’s equal opportunity,” Judge said. “The hacks are coming and it’s just a matter of who’s paying attention.”
Contact Ben Botkin at email@example.com or 775-461-0661. Follow @BenBotkin1 on Twitter.