New York State’s cybersecurity budget would increase by some $35 million to focus on securing the state’s critical infrastructure, Gov. Kathy Hochul proposed in her fiscal 2024 plan.
In late December, Hochul signed legislation to create cybersecurity protections for the state's energy grid. That bill, taken on during a global surge in cyberattacks against critical infrastructure, is intended to ensure New York's energy grid, the backbone of the state's economy, remains reliable and secure, Hochul’s office said.
$97 Million for New York's Cyber Defense
In this action, the extra money would be added to the $62 million the state already budgeted for fiscal 2023 and would be used to increase and underwrite cybersecurity services local governments in the state share. It would include the expansion of shared services to local governments that help identify security gaps that could be exploited by an adversary.
With the $35 million in tow, the State Division of Homeland Security and Emergency Services (DHSES) will establish a specialized industrial control system assessment team to help protect critical infrastructure and manufacturing systems across the state and make those systems more resilient to cyberattacks, Hochul’s office said.
The DHSES’ Office of Counterterrorism will create the industrial control systems (ICS) assessment team in a joint effort with the agency’s physical security and cybersecurity assessment programs. The unit will help energy, transportation, manufacturing and other critical infrastructure systems to improve their overall security posture and make their industrial control systems more resilient to cyberattacks, Hochul’s office said.
“The frequency, magnitude, and impact of cyber-attacks have increased, but we will continue to take bold measures to secure and protect New York’s critical infrastructure,” Hochul said. “The Industrial Control Systems assessment team, coupled with record investments, will support physical security and cybersecurity assessment programs to help facilities improve their cybersecurity posture, creating a safer and more secure Empire State.”
Government Cybersecurity Funding Gains Momentum
Cybersecurity funding at the state and local level has gained momentum in the last two years. In 2021, there were over 285 pieces of legislation related to cybersecurity introduced in state legislative sessions. In 2022, there were over 300 pieces of legislation introduced at the state level, according to a blog post by industry association (ISC)2.
The $1.2 trillion dollar Infrastructure Investment and Jobs Act of 2021 included $1 billion for grants to improve state, local, tribal and territorial government cybersecurity. That landmark bill was the largest federal investment in cybersecurity to date. Roughly $300 million will be distributed to states and localities in 2024. Some 80% of those funds are required to go directly to local governments.
In September 2022, the federal Department of Homeland Security (DHS) announced a cybersecurity grant program specifically for state, local, and territorial (SLT) governments across the country. This State and Local Cybersecurity Grant Program provides $1 billion in funding to SLT partners over four years, with $185 million available for FY 2022.
With this funding, SLT governments will be better equipped to address cybersecurity risks, strengthen the cybersecurity of their critical infrastructure, and ensure resilience against persistent cyber threats for the services SLT governments provide their communities, DHS said.