ANAPOLIS, Md. (AP) — Gov. Larry Hogan on Thursday signed into law strengthening the Maryland State and local government cybersecurity measures.
One such measure is designed to help local governments, school systems and health departments improve cybersecurity with additional resources and assistance from the Maryland Emergency Management Agency. The agency will support local governments in developing vulnerability assessments and response plans.
“Today, we are signing bipartisan legislation to continue to strengthen our position as the cyber capital of America and further strengthen our infrastructure to protect Marylanders from cyber attacks,” the Republican governor said in reference to the state’s cyber It said the number of security companies, as well as cyber-related federal agencies and military installations.
In a year of huge budget surpluses, Maryland lawmakers approved about $570 million for cybersecurity and information technology upgrades at the legislative session that ended last month. That includes about $200 million for cybersecurity and nearly $334 million for information technology development projects.
Democratic Senator Katie Fry Hester, the lead sponsor of the Senate’s cybersecurity legislation, said protecting the state’s essential public infrastructure is critical.
“Right now, everything is electronic: our drinking water, our transportation, our public safety, our education, our financial system — it’s the government’s responsibility to maintain it,” she said. “We have to make sure that our daily lives as Marylanders are not disrupted, and I think these three bills, combined with the $570 million in the 2023 budget, will allow us to make a lot of progress toward those goals.”
Hogan also signed a bill creating reporting requirements for state agencies and local governments, including reporting cybersecurity incidents. Agencies will be required to complete a cybersecurity assessment and correct findings. Local government entities must consult with local emergency managers to develop or update a cybersecurity preparedness and response plan.
Another measure expands cybersecurity requirements for state agencies and water and sewer systems. It requires public or private water or sewer systems serving 10,000 or more users and receiving state financial assistance to assess their vulnerability to cyberattacks.
Last year, a hacker broke into the system controlling a water treatment plant in a Florida city of 15,000 people and attempted to contaminate the water supply with caustic chemicals. Cybersecurity experts said the incident exposed growing dangers as systems became more computerized and accessible via the internet.
A provision in the bill also requires that at least 20% of the amount spent on information technology in fiscal 2023 be spent on the next fiscal year.
State and local governments are ripe targets for hackers, although President Joe Biden’s administration has announced additional steps to protect federal government systems from hackers. Cities are also under cyber attack.
Baltimore County was one of about 50 school systems across the country hit by ransomware in 2020, costing the county millions of dollars. In December, the Maryland health department was hit with a ransomware attack that hampered information on health indicators related to COVID-19.
Copyright © 2022 The Washington Times LLC.