Washington joins multi-state effort to ramp up cybersecurity

With looming threats from hackers, the dark web and ransomware, the cybersecurity world is a world that never sleeps.

Nonstop attacks against governments, businesses and individuals require unprecedented vigilance and rapid-response capabilities to keep data and information technology systems safe and secure.

Washington state today joined a multi-state compact led by the National Governors Association to support cybersecurity efforts. Signatories to the compact commit to building a state cybersecurity governance structure, preparing and defending their state against cybersecurity threats and growing the nation’s cybersecurity workforce.

Washington is ahead of the curve in all three areas, Gov. Jay Inslee said.

“Increasingly sophisticated cyber attacks call for increasingly sophisticated cybersecurity, and we’ve been on the leading edge of this effort for years,” Inslee said. “We have a dedicated cybersecurity office that defends against hundreds of attacks a year, we’ve engaged with our military department and utility companies to protect our infrastructure, and we’re cultivating some of the smartest cybersecurity minds in the world at our colleges and universities. We’re eager to share our expertise with other states and learn about other strategies to further strengthen our defenses.”

Washington was recognized as the first state to find a role for its National Guard in cybersecurity planning and the identification of vulnerabilities in the state’s networks. The Washington National Guard has also partnered with local utilities in an unprecedented initiative to identify and defend against threats to the state’s energy grid.

Employees of Washington Technology Solutions, the state’s technology services agency, work in the cyber security control room. Protecting against cyber attacks is the goal of a new multi-state compact lead by the National Governors Association. (Washington Technology Solutions Photo)

Maj. Gen. Bret Daugherty, director of the Washington Military Department and commander of the Washington National Guard, was recently appointed to chair the Adjutants General Association of the U.S. Cyber Committee and is co-chair of the Cyber General Officer Advisory Committee in the Pentagon.

“The Washington National Guard has received national accolades for our work to address cyber threats,” Daugherty said. “We have successfully used the unique talents of our soldiers and airmen to strengthen networks and help protect our critical infrastructure that our neighbors rely on. Our next step is to work with Congress and the National Guard Bureau to establish cyber Civil Support Teams in all fifty-four states and territories that will engage with our private and public partners to advance our planning and be ready to respond immediately to minimize the impact of a cyber attack. Washington is proud to lead this national effort.”

In 2015, Inslee launched the Washington State Office of Cybersecurity and the Office of Privacy and Data Protection in response to ever-increasing threats to individual privacy and infrastructure stability, and to preserve the continuity of commerce in the event of a cyber attack. Both offices are housed in the Office of the Chief Information Officer and are responsible for coordinating a statewide approach to responding to cyber threats to all parts of Washington’s economy.

“The Internet has fundamentally changed commerce. With those changes come threats, threats that won’t go away until the Internet goes away,” said Michael Cockrill, the Chief Information Officer for the state. “The increasingly global nature of how our governments and businesses operate means we must work with our partners in other states to ensure we’re all as prepared as possible.”

The Office of Cybersecurity blocks more than 100 million malicious activities each week, including surveillance, social engineering and sophisticated hacking tools. These malicious activities are intended to harm Washington’s businesses, reputation and citizens. It also has responded to 47 major cybersecurity incidents involving state agencies.

In 2016, Inslee held the first Governor’s Summit on Cyber Security and Privacy where he unveiled an executive order aimed at better protection public and private online privacy and data and announced a new partnership with the U.S Department of Homeland Security to strengthen the protection of critical infrastructure and government services.

In addition to the leadership of state government, many Washington businesses are at the forefront in the development and operation of cybersecurity. Cybersecurity is a career field that is expected to grow by 24 percent annually in Washington through the year 2020, and the state is actively working to train and recruit talented workers. For example, the Washington State Department of Commerce won a 2014 federal grant to help train military service veterans for civilian cybersecurity jobs.

Despite the state’s aggressive approach, Washington officials acknowledge that cybersecurity can never be airtight and every additional resource helps.

Governors are looking for ways the federal government can assist state cybersecurity efforts. The NGA has already endorsed legislation by U.S. Rep. Derek Kilmer, D-Gig Harbor, called the State Cyber Resiliency Act, which would provide federal grants to state, local and tribal governments to support their efforts to improve cybersecurity.

“Our progress in cybersecurity are a direct result of developing and enhancing our trusted partnerships across the state and across the nation,” said Agnes Kirk, the state’s chief information security officer. “By working together we can better protect our continuity of commerce and continuity of government.”

An image projected on the wall in the Washington Technology Solutions cyber security control room. Also known as WaTech, the agency provides technology services for the state. (Washington Technology Solutions Photo)