Governor Hochul Announces Nation-Leading Cybersecurity Strategy
Governor Kathy Hochul today announced New York’s first-ever statewide cybersecurity strategy aimed at protecting the State’s digital infrastructure from today’s cyber threats. The Strategy articulates, for the first-time, a set of high-level objectives for cybersecurity and resilience across New York. It clarifies agency roles and responsibilities, outlines how existing and planned initiatives and investments knit together into a unified approach, and reiterates the State's commitment to providing services, advice, and assistance to county and local governments. New York State’s cybersecurity strategy provides public and private stakeholders with a roadmap for cyber risk mitigation and outlines a plan to protect critical infrastructure, networks, data, and technology systems.
"Our interconnected world demands an interconnected defense leveraging every resource available, "Governor Hochul said. "This strategy sets forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyber threats."
The strategy unifies New York’s cybersecurity services in order to safeguard critical infrastructure, personal information and digital assets from malicious actors. It also provides a framework to align the actions and resources of both private and public stakeholders, including county and other local governments.
New York's cybersecurity strategy is not just about protecting our digital assets. It is about ensuring the safety and security of all New Yorkers and maintaining our ability to function and thrive in the digital age. From the State employees who deliver digital services to the residents who access and rely on them, the strength of the State’s cyber defense impacts all New Yorkers. This strategy highlights the Governor's commitment to cybersecurity, not just for State Government systems but for New Yorkers everywhere, as a core responsibility of the State.
Governor Hochul announced her commitment to bolster New York State’s centralized cybersecurity during this year’s State of the State address. The historic $90 million investment for cybersecurity included in the Fiscal Year 2024 Budget made $30 million in shared services funding available to assist local governments in strengthening their own defenses against cyber threats. This initiative signaled a new and stronger collaboration between the state and its local governments on this critical and evolving issue. A part of this strategy includes providing $500 million to enhance New York State’s healthcare information technology, primarily cybersecurity infrastructure, as well as $7.4 million to expand the New York State Police’s Cyber Analysis Unit, Computer Crimes Unit and Internet Crimes Against Children Center.
The state’s comprehensive cybersecurity strategy is defined by three central principles: Unification, Resilience and Preparedness. When taken together, New York State can lean on these tenets to present a unified and more resilient defense against new and more sophisticated cyber threats; preventing the vast majority of attacks but also isolating, controlling and mitigating potential threats; and preparing, adapting and always being ready for the cyber challenges of the future. This strategy offers a blueprint for cybersecurity stakeholders across New York, from State agencies to local governments, to understand how they fit into a larger plan. The blueprint provides objectives, lines of effort, and a commitment from the Governor that they can use when doing future planning and program design.
Governor Hochul also signed legislation to expand New York's technology talent pool and provide funding to help ensure that New York-based employers are able to hire and retain necessary cybersecurity personnel. Governor Hochul acknowledged the importance of strengthening this sector during today’s announcement, which was attended by recent graduates of the MTA’s Operational Technology Cybersecurity Program.
New York State Chief Cyber Officer Colin Ahern said, “Our vision for unification, resilience, and preparedness addresses the critical need for advanced resources and expertise across the state. We're ensuring that every New Yorker is equally protected from digital threats."
Acting National Cyber Director Kemba Walden said, "The President’s National Cybersecurity Strategy articulates an affirmative vision for a defensible, resilient, and values-aligned digital ecosystem that benefits all Americans and enables our grandest national ambitions. The strategy calls for bold action to rebalance the responsibility for managing cyber risk onto those entities that are most capable of keeping us all safe, and shifting incentives to drive coordinated investments in long-term resilience. The New York strategy similarly articulates a fundamentally affirmative vision for cyberspace—that is, it is not simply reactive to threat actor behavior—and advances policy in areas such as: (1) public-private operational collaboration, (2) regulation of critical infrastructure, (3) cyber education and workforce development, and (4) IT modernization."
New York State Division of Homeland Security and Emergency Services Commissioner Jackie Bray said, “Cyber threats are more prevalent than ever as the world relies on digital technology. New York’s strategy positions us strongly in preparing for and responding to attacks. Thanks to Governor Hochul’s vision and historic investment in cybersecurity, New York continues to lead the way.”
MTA Chair and CEO Janno Lieber said, “In recent years, MTA has made cybersecurity one of our top priorities. It is essential to ensure we can deliver service for the 6 million-plus commuters and travelers who depend on us every day.”
Acting New York State Chief Information Officer Jennifer Lorenz said, “Thanks to Governor Hochul, cybersecurity is a priority in New York State – backed up by real funding, real human resources and a real strategy designed to protect the state’s assets from intrusion and attack. The Office of Information Technology Services is proud to be a partner in carrying out this important mission, and know it will result in cyber defenses that are better, stronger and more agile.”
New York State Police Acting Superintendent Steven A. Nigrelli said, “Law enforcement is constantly challenged to keep pace with evolving online technologies that are utilized by criminals to steal from the public or gain access to sensitive information. We want to remind the public that just like you should be aware of your physical surroundings, you should be aware of your online presence too. The State Police will continue to work with our partners in safeguarding our cyber security networks.”
Department of Financial Services Superintendent Adrienne A. Harris said, "The Department of Financial Services is a pioneer in recognizing the risk of cyber-attacks and the importance of adapting to new threats and more sophisticated cyber criminals. The Department’s first-in-the-nation requirements to protect DFS-regulated banks, insurance companies, financial services institutions and the consumers they serve stand as a model and I applaud Governor Hochul for advancing a comprehensive plan to address these issues across government and other critical industries.”
Chair and Chief Executive Officer of the Public Service Commission Rory M. Christian said, “New York is a hub for significant financial, governmental, manufacturing, and transportation infrastructure that has higher than normal risk of cyberattack for either criminal or geopolitical reasons. With her drive and determination, Governor Hochul’s leadership will help ensure that New York has the best cybersecurity protection available.”
SUNY Chancellor John B. King, Jr. said, “SUNY campuses are leading in cybersecurity education, both in preparing our students for jobs, and in providing cutting-edge laboratories for faculty, staff, and student research. Our students are in high demand for jobs, and we are thankful for the Governor’s investment to help us educate more New Yorkers in this field, and, via the Digital Transformation Fund in the 2024 enacted budget, protect our campuses from cyber attacks. We applaud Governor Hochul for leading this comprehensive statewide strategy.”
New York State Health Commissioner Dr. James McDonald said, “Under Governor Hochul’s leadership, New York State has significantly enhanced its cyber defenses, which is critically important to our health care system. This first-ever statewide cybersecurity strategy builds on these achievements by helping protect critical systems from cyber threats. The Department of Health looks forward to continuing to work closely with our agency partners on ensuring New York’s hospitals and health care facilities stay secure.”