The state’s cybersecurity strategy, which was accelerated by the passing of Senate Bill 2110 in February 2019, has focused largely on giving the North Dakota Information Technology Department (NDIT) authority on cybersecurity matters for the state’s 400 public entities. In the past year, the strategy has broadened with targeted initiatives, such as a statewide awareness campaign, incorporating efforts to make individuals more resilient against cyber attacks.
In the education space, there was a significant effort to install anti-malware software on 45,000 Chromebooks used by students throughout the state, announced on Jan. 19, 2021. Prior to this undertaking, protective software needed to be installed to each device manually, but now school districts can manage the deployment centrally.
As described by Steve Palmer, K-12 information systems security analyst for NDIT, this project has been in the works since August 2018, and will decrease the risk that exists anytime these laptops leave the schools. All of this comes at no cost to schools.
Palmer stressed the importance of securing these devices as distance learning continues to shape the education space. NDIT will also be working with administrators and teachers to provide training or help if needed while implementing the software, Palmer noted.
In addition, NDIT is also increasing cybersecurity awareness for the general public with a new tool it announced Dec. 10, 2020. Tony Aukland, cybersecurity education and public awareness manager, said the defend.nd.gov program provides free online cybersecurity risk assessment to citizens, who are increasingly responsible for their own online security.
Chief Information Security Officer Kevin Ford said the department has received positive feedback about the platform.
“Defend.nd.gov provides a range of tools, resources and opportunities that empower organizations and citizens in North Dakota to defend against cyber attacks and significantly impact our safety and privacy,” said Ford.
The free tool, created by SecurityStudio, allows individuals to learn about potential security risks while instructing them on how to secure mobile devices and Wi-Fi, back up data, authentication and even physical security. It also provides a report with recommended actions to individuals that can further decrease risks. Aukland said cyber criminals aren’t generally after top-secret data as much as they are valuable personal information, highlighting the importance of protecting it.
The most overarching effort might be the Joint-Cybersecurity Operations Command (J-CSOC), which will allow North Dakota to partner with other states to share intelligence. The multistate partnership will help cement best practices and establish a secure technical method of sharing this type of intelligence to work together with other states to counter threats. Currently, there is no such mechanism in place.
The project will be developed and operationalized through a series of phases. When paths are proven, outreach will begin to expand the J-CSOC and involve other states.
