Strategy defines cybersecurity as a core function of the state.
New York has its first-ever statewide cybersecurity strategy, articulating a set of high-level objectives for cybersecurity and resilience across New York.
Outlined by State Governor Kathy Hochul, the strategy clarifies agency roles and responsibilities, outlines how existing and planned initiatives and investments knit together into a unified approach and reiterates the State’s commitment to providing services, advice and assistance to county and local governments.
“Our interconnected world demands an interconnected defense leveraging every resource available,” Governor Hochul said. “This strategy sets forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyberthreats.”
The strategy unifies New York’s cybersecurity services in order to safeguard critical infrastructure, personal information and digital assets from malicious actors. It also provides a framework to align the actions and resources of both private and public stakeholders, including county and other local governments.
Acting New York State Chief Information Officer Jennifer Lorenz said: “Thanks to Governor Hochul, cybersecurity is a priority in New York State – backed up by real funding, real human resources and a real strategy designed to protect the state’s assets from intrusion and attack.
“The Office of Information Technology Services is proud to be a partner in carrying out this important mission and know it will result in cyber defenses that are better, stronger and more agile.”
Governor Hochul announced her commitment to bolster New York State’s centralized cybersecurity during this year’s State of the State address.
The historic $90 million investment for cybersecurity included in the Fiscal Year 2024 Budget made $30 million in shared services funding available to assist local governments in strengthening their own defenses against cyberthreats.
This initiative signaled a new and stronger collaboration between the state and its local governments on this critical and evolving issue.
The strategy includes providing $500 million to enhance New York State’s healthcare Information Technology, primarily cybersecurity infrastructure, as well as $7.4 million to expand the New York State Police’s Cyber Analysis Unit, Computer Crimes Unit and Internet Crimes Against Children Center.
Overall, the strategy is defined by three central principles – unification, resilience and preparedness – that the state can lean on to present a unified and resilient defense against new and more sophisticated cyberthreats; preventing the vast majority of attacks but also isolating, controlling and mitigating potential threats; and preparing, adapting and always being ready for the cyber challenges of the future.
This strategy is seen as a blueprint for cybersecurity stakeholders across New York – from state agencies to local governments – to understand how they fit into a larger plan.
The blueprint provides objectives, lines of effort and a commitment from the Governor that they can use in future planning and program design.
Governor Hochul also signed legislation to expand New York’s technology talent pool and provide funding to help ensure New York-based employers can hire and retain necessary expertise.