(TNS) — Kansas lawmakers are beefing up digital security measures after the state's judiciary fell victim to a foreign cyberattack last year that crippled the state's online court system for months. are doing. The investigation also found that the state's cybersecurity remains flawed.
The Kansas House of Representatives introduced a bill Monday that would strengthen cybersecurity and IT measures in all three branches of government.
Kansas State University also suffered a cyber attack earlier this year that took some systems offline. A legal audit released in July 2023 found that more than half of the 15 state-run organizations surveyed were not complying with IT and cybersecurity best practices.
House Speaker Pro Tem Blake Carpenter, a Derby Republican who sponsored the bill, said cyberattacks are not only expensive and time-consuming, but also compromise sensitive data.
“We're starting to see more attacks on the government and millions of dollars being paid out,” he said. “We want to address this issue and find a solution in this legislation.”
The bill would establish a timeline for state agencies to meet rigorous national cybersecurity standards and benchmarks. The bill would require audits of these government agencies and impose a penalty of a 5% budget cut on agencies that do not meet data security standards.
The three branches of government will appoint chief information security officers to oversee the implementation of these security standards, while the four elected offices under the executive branch will continue to provide their own security.
Rep. Barb Wassinger (R-Hayes), chair of the Legislative Modernization Committee, said the bill represents a major milestone in protecting against foreign attacks, but will likely need to be reviewed annually. Ta.
“Whatever it is, it needs to be revised every year,” she said. “Cybersecurity changes overnight, so it is impossible to predict what will happen or what you will need to do.”
Last year, Kansas Democratic Gov. Laura Kelly signed a bill that gives the state authority to change its cybersecurity training, response, and assessment programs. Modernize the national security system. Improve public awareness of all threats.
The House bill would also require all state government websites to move to .gov domains. Authorizes the Kansas National Guard to conduct test hacks into enforcement systems. It also requires annual cybersecurity training for legislators and state employees.
Carpenter said the move seeks to drive a cultural change within state government that emphasizes the importance of digital security and data protection.
“The biggest weakness we face in any cyber situation is human connection,” he said. “No matter how good this bill is about IT and security, it doesn’t matter if it doesn’t also address the human factor.”
Rep. Nikki McDonald, D-Olathe, sponsored the bill, but said the bill does not mention municipalities and school districts, which are already spending money to provide special funding for security measures. There was concern that there would be no room to strengthen the system. Educational program.
“Think for a moment about the trickle-down of cybersecurity that is needed across the board,” she said.
©2024 Kansas City Star. Visit kansascity.com. Distributed by Tribune Content Agency, LLC.
