New York Gov. Kathy Hochul announced the state’s first-ever cybersecurity strategy aimed at protecting digital infrastructure from cyber threats.
The strategy articulates, for the first time, a set of high-level objectives for cybersecurity and resilience across New York. It clarifies agency roles and responsibilities, outlines how existing and planned initiatives and investments knit together into a unified approach, and reiterates the state’s commitment to providing services, advice, and assistance to county and local governments.
New York State’s cybersecurity strategy provides public and private stakeholders with a roadmap for cyber risk mitigation and outlines a plan to protect critical infrastructure, networks, data, and technology systems.
“Our interconnected world demands an interconnected defense leveraging every resource available,” said Gov. Hochul. “This strategy sets forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyber threats.”
Gov. Hochul announced her commitment to bolster New York’s centralized cybersecurity during this year’s State of the State address.
The state’s comprehensive cybersecurity strategy is defined by three central principles: unification, resilience, and preparedness. When taken together, New York State can lean on these tenets to present a unified and more resilient defense against new and more sophisticated cyber threats; preventing the vast majority of attacks but also isolating, controlling, and mitigating potential threats; and preparing, adapting, and always being ready for the cyber challenges of the future.
This strategy offers a blueprint for cybersecurity stakeholders across New York, from state agencies to local governments, to understand how they fit into a larger plan. The blueprint provides objectives, lines of effort, and a commitment from the governor that they can use when doing future planning and program design, the press release notes.
The historic $90 million investment for cybersecurity included in the fiscal year 2024 budget made $30 million in shared services funding available to assist local governments in strengthening their own defenses against cyber threats. This initiative signaled a new and stronger collaboration between the state and its local governments on this critical and evolving issue, the press release says.
A part of this strategy includes providing $500 million to enhance New York state’s healthcare information technology, primarily cybersecurity infrastructure, as well as $7.4 million to expand the New York State Police’s Cyber Analysis Unit, Computer Crimes Unit, and Internet Crimes Against Children Center.
“The President’s National Cybersecurity Strategy articulates an affirmative vision for a defensible, resilient, and values-aligned digital ecosystem that benefits all Americans and enables our grandest national ambitions. The strategy calls for bold action to rebalance the responsibility for managing cyber risk onto those entities that are most capable of keeping us all safe, and shifting incentives to drive coordinated investments in long-term resilience,” Acting National Cyber Director Kemba Walden said in a statement. “The New York strategy similarly articulates a fundamentally affirmative vision for cyberspace – that is, it is not simply reactive to threat actor behavior – and advances policy in areas such as: public-private operational collaboration, regulation of critical infrastructure, cyber education and workforce development, and IT modernization.”
During the announcement of the state’s cyber strategy, Gov. Hochul also signed legislation to expand New York’s technology talent pool and provide funding to help ensure that New York-based employers can hire and retain necessary cybersecurity personnel.