Governor Kathy Hochul joined with security leaders at New York University Tandon School of Engineering in Downtown Brooklyn to announce the first statewide cybersecurity plan to protect New York’s digital infrastructure on Aug. 8.
The plan outlines how the state will protect critical data, networks, and technology systems against cyber threats — securing both New Yorkers’ personal information and government data and operations.
“Our interconnected world demands an interconnected defense leveraging every resource available,” Hochul said in a statement. “This strategy sets forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyber threats.”
The plan is defined by three main principles: unification, resilience, and overall preparedness. Cyber security is a “team sport,” Hochul said, and by expanding access to existing cybersecurity resources, enhancing existing regulations and requirements, and providing guidance to everyday New Yorkers, she hopes to shore up the entire state’s digital safety.
“We’re not naive to the threats any longer, we can’t say we didn’t know what’s coming, we’ve now seen enough, we know enough,” the governor said. “In New York, we’re preparing to succeed, not fail.”
The strategy is backed by $600 million in funding, including a historic $90 million investment for cybersecurity in the Fiscal Year 2024 budget.
Last year, Federal Bureau of Investigation estimated more than 25,000 New Yorkers fell victim to cyber crimes, according to Hochul’s office. In the 2020 Internet Crime Report, the FBI reported 791,790 complaints of suspected internet crime which was an increase of more than 300,000 complaints from 2019 — and victims of internet crime lost more than $4.2 billion.
Hochul’s plan looks to unify local offices and state systems, providing resources for local governments who are vulnerable to attacks.
The state’s most recent budget allocated $30 million to help county and local governments address any security gaps in their current systems, and that funding provided new protections to 53 million computers owned by local governments.
“Cyber threats are more prevalent than ever as the world relies on digital technology,” said Jackie Bray, commissioner of the state’s Division of Homeland Security and Emergency Services. “New York’s strategy positions us strongly in preparing for and responding to attacks.”
Late last year, One Brooklyn Health — which operates three hospitals in the borough — was hit with a devastating attack that took some computer systems fully offline.
The MTA faces “near daily” cyber threats, said chair and CEO Janno Lieber, with “literally billions” of attempts to breach the agency’s computer systems. In 2021, hackers successfully gained access to the system — though they reportedly did not access any tech related to train control or direction, the hack raised concerns about future attempts.
Lieber said the MTA has since hired a team of cybersecurity professionals to ensure the safety of its systems.
“Now we’re moving into a new territory, which is to train and prepare people across all the departments,” he said. “The system has to be protected at all costs and that means this kind of investment, investment in people and in process and technology so we can keep pace with the evolving threats.”
