LINCOLN, Neb. (Nebraska Examiner) – Every 14 seconds, a successful ransomware attack hits a new target, and the cost of cybercrime is expected to climb to an annual cost of $10.5 trillion worldwide by 2025.
“These numbers illustrate the absolute necessity that we as a state begin aggressively investing in cybersecurity infrastructure and software,” State Sen. Loren Lippincott of Central City told the Government, Military and Veterans Affairs Committee last week.
Lippincott, through Legislative Bill 1302, said he seeks to to be proactive in preventing such threats for Nebraska through $11 million in annual appropriations, designated to bolster the state’s network and create new cybersecurity preparedness training.
Most of the funds would be diverted to Nebraska’s Office of the Chief Information Officer:
- $4 million for software and professional services to continuously monitor publicly available cybersecurity vulnerabilities.
- $2 million for tools, hardware and software to support cybersecurity preparedness and defense.
- $2 million to award political subdivisions working to meet specific cybersecurity frameworks to upgrade their critical network infrastructure.
- $2 million for software and services that must be available at no cost to political subdivisions, capitalizing on the state’s ability to enter into different partnerships and achieve more favorable pricing for software.
The final $1 million would go toward hands-on defensive cyber training available in an unclassified, closed-computing environment. Residents, cybersecurity leaders and military service members would be able to train in a joint environment.
2023 bill failed by one vote
Last year, State Sen. Mike McDonnell of Omaha introduced LB 651, which would have appropriated $20 million for cybersecurity improvements. Lippincott, who sits on Appropriations with McDonnell, said the bill failed to advance from committee by one vote.
“We did ask folks out there in the state of whether or not this was ready to be implemented, and they felt it was not,” Lippincott said. “This year it is.”
Lippincott and McDonnell partnered on LB 1302 for 2024.
‘Warning for the rest of us’
John Skretta, administrator at Educational Service Unit #6 headquartered in Milford, testified in support as schools and other public entities are “highly vulnerable” to such cyberattacks. He said it’s “painfully evident” that schools need ongoing state support to be cyber resilient.”
“The current resources allocated and available for schools to access are inadequate to address the challenges we face,” Skretta said.
Skretta also testified in support on behalf of the ESU Coordinating Council, Schools Taking Action for Nebraska Childrens’ Education and Nebraska Rural Community Schools Association.
Nebraska Chief Justice Mike Heavican, in this year’s State of the Judiciary, called for upgrades to his court’s protection so it would not be a victim of a cyberattack, as Kansas was in October.
“Kansas serves as a warning for the rest of us,” Heavican told the Legislature last month. “If the Kansas Supreme Court fell victim to a sophisticated foreign cyberattack, without needed upgrades we must consider ourselves equally vulnerable.”
‘Ounce of prevention’
Jill Becker, registered lobbyist for Black Hills Energy, testified in a neutral capacity on LB 1302. She said it’s unclear if her organization would qualify under LB 1302, as a private entity, but that the state might benefit from Black Hills’ involvement.
Lippincott said Nebraska and its political subdivisions are “woefully behind” private sector counterparts in this arena, with LB 1302 the first step.
“As the adage goes, an ounce of prevention is worth a pound of cure,” Lippincott said. “While some may say that $11 million a year is more than an ounce of prevention, it’s less than is needed.”
No one testified or submitted letters in opposition. The committee took no immediate action.
Publicly known Nebraska attacks
State Sen. Loren Lippincott of Central City noted that more than a dozen state agencies, cities or other groups have been a subject of cyberattacks in Nebraska in recent years, including:
- CHI Health
- Nebraska Medicine
- Douglas County 911
- Papillion-La Vista Community Schools
- Boys Town National Research Hospital
- Cities of Wayne, Gothenburg and Beatrice
- Nebraska Departments of Labor and Health and Human Services
Nebraska Examiner is part of States Newsroom, a network of news bureaus supported by grants and a coalition of donors as a 501c(3) public charity. Nebraska Examiner maintains editorial independence. Contact Editor Cate Folsom for questions: info@nebraskaexaminer.com. Follow Nebraska Examiner on Facebook and Twitter.
Click here to subscribe to our 10/11 NOW daily digest and breaking news alerts delivered straight to your email inbox.
Copyright 2024 KOLN. All rights reserved.