A newly signed law gives the Information Technology Department the authority to define cybersecurity for all public entities within the state.
The North Dakota legislation authorizing a new unified approach to cybersecurity was signed into law Thursday by Gov. Doug Burgum.
The governor, a former Microsoft executive, said Senate Bill 2110 would go far toward protecting the state's digital infrastructure.
“This important investment in 21st-century critical infrastructure recognizes the increasingly digital world in which we live and the growing nature of cybersecurity threats,” said Burgum. “A unified approach to cybersecurity strengthens our ability to protect the state network’s 252,000 daily users and more than 400 entities from cyberattacks."
On average, officials estimate the state sees roughly 5 million cyberattack attempts each month.
The bill gives authority to the state’s Information Technology Department (ITD) to define cybersecurity for all of the state’s public entities — including cities and counties, state agencies, school districts and institutions for higher education.
Previously, all of those entities were responsible for providing their own cybersecurity — a fact that many security experts view as a liability. By creating one unified strategic framework, officials say they will be able to ferret out security gaps, while also bringing everybody together onto the same page strategically.
“The collaborative effort on this legislation clearly reflects a whole-of-government approach by North Dakota’s leaders, enabling the state to effectively address millions of monthly attacks and identify potential gaps in cybersecurity,” CIO Shawn Riley said in a statement.
The bill’s passage comes at a time when Burgum has also sought to spike the state’s IT spending — asking for $16.4 million to aid the new centralization process in his 2019-21 fiscal budget proposal.
At the same time, Burgum has also asked for the creation of a new IT office that will assist with cybersecurity efforts. That office would cull 145 employees from 17 different cabinet agencies, bringing them together to pursue solutions to the state's security risks.