Kansas Pushes Cybersecurity Bill In The Wake Of A Devastating Attack

Kansas Pushes Cybersecurity Bill In The Wake Of A Devastating Attack

Tyler Cross Tyler Cross
Published on: March 27, 2024

Kansas State advanced a new bill aimed at improving the state’s cybersecurity defenses. This new bill comes after a year of heightened attacks on Kansas government agencies, universities, and companies.

The growing attacks eventually resulted in hackers stealing data from the Kansas State court systems and ransoming it for over a month in 2023. It led to a five-week-long state-wide disruption that prevented courts from accessing its prior records.

Even after this devastating attack, hackers continued attacking various entities in Kansas. More recently, Kansas University had its systems disrupted by a different group of hackers. This led multiple teams to conduct audits in Kansas. Auditors found that more than half of the state-sponsored entities in Kansas fail to meet basic cybersecurity standards.

The new legislation aims to counter the growing attacks by requiring mandatory audits of agencies that work alongside the government. In addition, these entities will become required to maintain a minimum threshold of cybersecurity defenses to prevent them from being so easily hacked.

The proposed rules would come with strict penalties for agencies not meeting the requirements, including a 5% reduction in their budget. While the law will improve cybersecurity on the state level, Nikki McDonald (R) and other lawmakers voiced that it doesn’t address the defenses of important infrastructure like universities or hospitals.

Lawmakers stated that the bill is meant to push a cultural change in their state and that despite a rapid advancement in cybersecurity defenses, the weakest link is the human element.

“The weakest point we will find ourselves in any cyber situation is the human link. It doesn’t matter how great we make out IT or security with this legislation if we don’t also address the human factor,” said Speaker Pro Tem Blake Carpenter (R).

Due to the rapid development of new cyber threats, legislators expect to revisit the bill at least once a year.

Source of Article