ALBANY, N.Y. — New York’s first-ever statewide cybersecurity strategy aimed at protecting the state’s digital infrastructure from today’s cyber threats. The strategy articulates, for the first-time, a set of high-level objectives for cybersecurity and resilience across the Empire State, the office of Gov. Kathy Hochul said in announcing the strategy on Aug. 9 It clarifies […]
ALBANY, N.Y. — New York’s first-ever statewide cybersecurity strategy aimed at protecting the state’s digital infrastructure from today’s cyber threats.
The strategy articulates, for the first-time, a set of high-level objectives for cybersecurity and resilience across the Empire State, the office of Gov. Kathy Hochul said in announcing the strategy on Aug. 9
It clarifies agency roles and responsibilities; outlines how existing and planned initiatives and investments “knit together into a unified approach;” and reiterates the state’s commitment to providing services, advice, and assistance to county and local governments.
New York State’s cybersecurity strategy provides public and private stakeholders with a “roadmap” for cyber-risk mitigation and outlines a plan to protect critical infrastructure, networks, data, and technology systems.
“Our interconnected world demands an interconnected defense leveraging every resource available,” Hochul said in the announcement. “This strategy sets forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyber threats.”
The strategy unifies New York’s cybersecurity services in order to protect critical infrastructure, personal information, and digital assets from malicious actors. It also provides a framework to align the actions and resources of both private and public stakeholders, including county and other local governments, Hochul’s office said.
Hochul announced her commitment to bolster New York’s centralized cybersecurity during this year’s State of the State address. The $90 million investment for cybersecurity included in the state budget made $30 million in shared-services funding available to help local governments in strengthening their own defenses against cyber threats.
Part of this strategy includes providing $500 million to enhance New York State’s health-care information technology, primarily cybersecurity infrastructure, as well as $7.4 million to expand the New York State Police’s cyber analysis unit, computer crimes unit, and the Internet Crimes Against Children Center.
Defining principles
The state’s cybersecurity strategy is defined by three central principles: unification, resilience, and preparedness.
When taken together, New York State can “lean on these tenets to present a unified and more resilient” defense against new and more sophisticated cyber threats; preventing the vast majority of attacks but also isolating, controlling, and mitigating potential threats; and preparing, adapting and “always being ready for the cyber challenges of the future,” Hochul’s office contended.
The strategy offers a blueprint for cybersecurity stakeholders across New York, from state agencies to local governments, to understand how they fit into a larger plan. The blueprint provides objectives, lines of effort, and a commitment from the governor that they can use when doing future planning and program design.
Hochul also signed legislation to expand New York’s technology workforce and provide funding to help ensure that New York–based employers are able to hire and retain necessary cybersecurity staff.