The Nevada state legislature and Gov. Joe Lombardo have approved and signed into law a bill that will stand up a statewide security operations center and grow its cyber workforce.
The passage of Assembly Bill 1 (AB1) comes shortly after a cyberattack disrupted the state’s IT systems for 28 days in August. That attack occurred after a successful search engine optimization poisoning campaign embedded malicious code into an online resource often used by state IT personnel, a recent report from the State of Nevada’s Governor’s Technology Office (GTO) said.
AB1 specifically affirms the creation of the Security Operations Center (SOC) under the Nevada Office of the Chief Information Officer. The SOC’s duties outlined under the bill will include establishing the Cybersecurity Talent Pipeline Program, authorizing school districts to use state cybersecurity services, and strengthening statewide cyber defenses in response to rising threats.
That workforce pipeline program will collaborate with the Nevada System of Higher Education and must develop a career development system for students in computer science or cybersecurity fields.
It also “must provide opportunities for students … who are majoring in a field related to cybersecurity to obtain working experience in the Security Operations Center,” according to the bill’s text.
For cybersecurity measures, the bill requires that the SOC help oversee cybersecurity investigations, create standards and policies for IT-related equipment leased out or owned by the state and used by agencies, and provide each state agency and elected officers with cybersecurity services, including real-time monitoring and threat mitigation.
The bill also created appropriations for cybersecurity, while authorizing the SOC to pool federal grant funds for cybersecurity support and infrastructure development. AB1 also encourages the GTO to apply for grants related to cybersecurity.
“AB1 is a significant milestone as it … allocates historic funding for cybersecurity enhancements within the executive branch,” said Timothy Galluzi, chief information officer for the state of Nevada, in a LinkedIn post. “Moreover, it enhances transparency and communication between the executive and legislative arms, fostering collaboration.”
“This groundbreaking legislation facilitates unprecedented collaboration among state, local, K-12, higher education, and all governmental entities within Nevada, setting the stage for comprehensive cybersecurity initiatives,” Galluzi added.