Hochul proposes more funding for state’s cybersecurity efforts

In her State of the State message, Gov. Kathy Hochul said she wants New York to spend an additional $35 million on cybersecurity initiatives in 2023. (PHOTO CREDIT: GOV. KATHY HOCHUL FLICKR)

ALBANY, N.Y. — Efforts to support cybersecurity enhancements across New York state may get a funding boost in 2023. Gov. Kathy Hochul on Jan. 10 proposed $35.2 million in new funding as part of her State of the State address.  The enhancements include the expansion of shared services to local governments that help identify security […]

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

ALBANY, N.Y. — Efforts to support cybersecurity enhancements across New York state may get a funding boost in 2023.

Gov. Kathy Hochul on Jan. 10 proposed $35.2 million in new funding as part of her State of the State address. 

The enhancements include the expansion of shared services to local governments that help identify security gaps that could be “exploited by an adversary,” Hochul’s office said. The effort is building upon the legislation that Hochul recently signed to protect against cyberthreats to the state’s energy grid. 

The New York State Division of Homeland Security and Emergency Services (DHSES) will also establish an industrial control system (ICS) assessment team to help protect critical infrastructure and manufacturing systems across the state and make those systems more resilient to cyberattacks. 

“The frequency, magnitude, and impact of cyber-attacks have increased, but we will continue to take bold measures to secure and protect New York’s critical infrastructure,” Hochul contended. “The Industrial Control Systems assessment team, coupled with record investments, will support physical security and cybersecurity assessment programs to help facilities improve their cybersecurity posture, creating a safer and more secure Empire State.”   

The $35.2 million increase would build upon Hochul’s nearly $62 million cybersecurity spending in the fiscal year (FY) 2023 budget, her office noted. 

New York’s finance, energy, transportation, health care, semiconductor, and other industry sectors makes the state “a target” for cyberattacks and other cyber threats, and the “frequency, magnitude, and impact of these events continue to increase,” the governor notes. Ransomware attacks — in which hackers hold data and systems hostage — rose 13 percent nationwide in 2021. Since 2017, more than 3,600 state, local, and tribal governments across the country have been attacked, Hochul’s office said.

The DHSES’ Office of Counterterrorism will create the industrial control systems (ICS) assessment team to better protect residents from cyberattacks and their effects. Working with the agency’s physical security and cybersecurity-assessment programs, the team will help energy, transportation, manufacturing, and other infrastructure systems to “improve their overall security posture” and make their industrial control systems more resilient to cyberattacks.

“As the threats to our digital infrastructure continue to evolve and grow in sophistication, it is more important than ever that we invest in the resources to protect New Yorkers from cyber threats,” Colin Ahern, New York’s chief cyber officer, said. 

The proposed funding will also support the provision of cybersecurity services to county and local governments in FY 2024 and beyond, building upon the creation of the first New York State Joint Security Operations Center (JSOC).

These shared services help county and local governments assess and remedy gaps in their cyber defenses. The shared services complement the state’s ongoing efforts to build a “common picture” of cyber threats shared by cybersecurity teams from federal, state, city and county governments; publicly and privately owned critical infrastructure; and state agencies including the Division of Homeland Security and Emergency Services, Office of Information Technology Services, New York State Police, and others, Hochul’s office said. 

“These historic investments in cybersecurity advanced by Governor Hochul will build on the progress we made in the last year establishing JSOC and implementing effective endpoint detection technology for awareness and action, and is consistent with our whole of state approach, where the state and local governments face down these challenges together,” New York State Chief Information Officer Angelo (Tony) Riddick said. 

Eric Reinhardt: