Agencies are planning a statewide response to a significant disruption to energy, internet-based communications or other critical infrastructure.
Last year, North Dakota’s Information Technology (NDIT) Department faced down 4.5 billion attacks on state government systems—more than double the number of attacks two years earlier.
Now, representatives from the Governor’s Office, NDIT, the Department of Emergency Services and other agencies are reviewing the state’s plans for responding to a major cybersecurity incident. At an April 8 meeting, the state’s unified command briefed agency representatives on considerations for government if the state experienced a significant disruption to the energy sector, internet-based communications or other critical infrastructure.
“It’s imperative that we take a proactive, whole-of-government approach to addressing cybersecurity threats for the protection of our citizens and the essential services and sensitive data they entrust to their state, local and tribal governments,” Gov. Doug Burgum said. “Today’s meeting sets the stage for a statewide response while underscoring that prevention remains our first and best line of defense.”
Participating agencies include the departments of Transportation, Environmental Quality, Commerce, Financial Institutions, Agriculture, Health and Human Services, the North Dakota Forest Service, the Highway Patrol and the North Dakota National Guard.
The governor and cabinet leaders regularly meet to review policy and set strategy objectives for cyber preparedness, defense and response, and the state has participated in cyber preparedness exercises since 2016. In June a cybersecurity exercise will help officials validate planning factors and increase the effectiveness of the whole-of-government team.
In his Feb. 16 state of the state address, Burgum highlighted cybersecurity investments of more than $15 million over the past year. He also noted that North Dakota was also the first state to authorize a central, shared-service approach to cybersecurity across all aspects of state government—a system with 252,000 daily users.
An interstate cybersecurity operations center was expected to be launched in the first quarter of 2022, Chief Information Security Officer Michael Gregg said in January. This state-led information-sharing organization would support cybersecurity efforts in North Dakota, South Dakota and Montana.
NDIT is also working with the Mandan, Hidatsa and Arikara Nation to provide managed security services to help protect the confidentiality, availability and integrity of tribal information systems and data. The department is providing consulting, cybersecurity strategy, security monitoring, security awareness, enhanced network and endpoint security solutions as well as threat intelligence briefings.
NEXT STORY: NC prohibits agencies from paying ransoms