By Leo Wolfson, State Politics Reporter
Leo@Cowboystatedaily.com
Within his $354 million supplemental budget request, Gov. Mark Gordon seeks to address cybersecurity in the Cowboy State, requesting $7.2 million to beef up the state’s cyber protection efforts.
The governor’s plan would include adding levels of security for nearly 100 applications in use by the state of Wyoming. This is one of the many projects Gordon has cited within his budget proposal that he sees as an investment for Wyoming’s future.
“Attacks on Wyoming institutions are increasing, and the risk of a successful attack is now magnified as well,” Gordon wrote in his supplemental budget report. “Fortunately, we are making progress in defending our agencies.”
More Attacks
Over the past year, the Wyoming Department of Enterprise Technology Services noted an increase in the sophistication and volume of cybersecurity threats, a factor it identified as negatively affecting its ability to do work.
ETS identified a number of cybersecurity risks it believes need to be immediately addressed to guarantee the security and integrity of the state’s systems and assets.
These include critical vulnerabilities within 88 agency applications that could be hacked and prevented from being used. It’s requesting $4.9 million to resolve the shortcomings with technological upgrades.
An additional $1.9 million would be used for other security measures and to perform various upgrades, and $425,000 would be budgeted for a contractor to develop statewide enterprise architecture.
“If the critical vulnerabilities within the 186 agency applications are not mitigated, there is an increased likelihood for a cybersecurity incident or data loss,” the governor’s report says.
Already Acting
ETS has already implemented initial measures to address cyber warfare and plans to expand these efforts statewide through a “whole-of-state” approach that includes providing cybersecurity and consultation and coordination, and monitoring of incident responses to support local efforts if needed.
This year, the department created Wyoming’s first state government Security Operations Center to monitor the state’s network 24/7 and resolve possible vulnerabilities in the system.
It also developed a partnership with the federal Cybersecurity and Infrastructure Security Agency, an agency of the U.S. Department of Homeland Security, which also helped strengthen the Wyoming network.
Wyoming’s Homeland Security department also is monitoring cyber threats.
Dedicated Law Enforcement
Gordon also requested $74,131 in salary for a sworn peace officer for the Wyoming Gaming Commission, whose duties would specifically focus on investigating and assisting in cybersecurity and online fraud within gaming operations throughout the state.
ETS plans to develop a cybersecurity roadmap and framework for its ongoing efforts. This would include expanding the state’s cyber ecosystem, expanding cyber partnerships and outreach.
In fiscal year 2022, the state had a 300% increase in its cyber insurance alone.
Statewide Issues
Within Gordon’s budget also is a request to modernize the administrative computing system of community colleges throughout the state.
In 2021, Eastern Wyoming College in Torrington experienced a cyberattack that disabled the school’s computer, phone and email systems. The Wyoming Community College Commission is still supporting the school in the fallout from this event.
In fall 2019, Campbell County Health was hit with a ransomware attack that disabled its network, disabling hospital systems and preventing access to patient information. The attack interfered with its operations for months.
In the wake of the COVID-19 pandemic, the FBI and two federal agencies said they had “credible information of an increased and imminent cybercrime threat to U.S. hospitals and health care providers.”
In spring 2018, the city of Cody and Park County’s email accounts were blacklisted by servers after hackers accessed at least three email accounts and hijacked them to deliver around 50,000 spam messages. The shutdown significantly impacted their operations for weeks with employees unable to use their email accounts for 20 days.
In recent years, cyberattacks on private residents also have become more common in Wyoming, with seniors often taken advantage of financially. Police departments and sheriff’s offices around the state have warned their constituents about the matter.
