New York state adds $35 million to 2023 cybersecurity budget as attacks soar
Updated at 2:20 pm EST to include funding information from other states.
New York Governor Kathy Hochul is adding an additional $35 million in funding to the state’s $61.9 million cybersecurity budget for this year, while also creating a new team focusing on protecting critical infrastructure.
This week, Hochul said she decided to add the additional funding to the budget because the “frequency, magnitude, and impact of cyberattacks have increased.”
“The Industrial Control Systems assessment team, coupled with record investments, will support physical security and cybersecurity assessment programs to help facilities improve their cybersecurity posture, creating a safer and more secure Empire State,” she said.
The Office of Counterterrorism within New York’s Division of Homeland Security and Emergency Services will create the team, which will focus on the energy, transportation and manufacturing sectors.
New York DHS and Emegency Services Commissioner Jackie Bray noted that the state has had to ramp up its cybersecurity investments in recent years and partner with critical infrastructure operators to limit disruptions.
The state has faced several high profile attacks, including on the Metropolitan Transportation Authority in April 2021, which was hacked by a group based in China.
Last year, the information of 820,000 current and former New York City public school students was leaked following the hack of a digital education platform.
The governor’s office noted that the state’s high profile makes it a ripe target for hackers and noted that since 2017, more than 3,600 state, local, and tribal governments across the country have been hit with ransomware.
The increase in attacks is part of why Hochul tapped digital security veteran Colin Ahern to be the state’s first-ever Chief Cyber Officer in June 2022.
“As the threats to our digital infrastructure continue to evolve and grow in sophistication, it is more important than ever that we invest in the resources to protect New Yorkers from cyber threats,” Ahern said this week.
The additional $35.2 million will go toward expanding the “shared services to local governments that help identify security gaps that could be exploited by an adversary” and other cybersecurity enhancements statewide.
The funding will also support county-level cybersecurity funding through fiscal 2024 and the New York State Joint Security Operations Center, as well as the implementation of endpoint detection technology.
“These shared services help county and local governments assess and remedy gaps in their cyber defenses,” the governor’s office said.
“The shared services complement the State's ongoing efforts to build a common picture of cyber threats shared by cybersecurity teams from federal, state, city and county governments, publicly and privately owned critical infrastructure, and State agencies including the Division of Homeland Security and Emergency Services, Office of Information Technology Services, New York State Police, among others.”
The increase in funding mirrors initiatives in several other states. Illinois governor J.B. Pritzker pledged $30.2 million in cybersecurity funding for 2023 while Arizona plans to spend $10 million in 2023 to launch a statewide cybersecurity readiness grant program and provide cybersecurity tools to local governments and school districts. Both Florida and Maryland have made multi-year pledges of more than $100 million toward cybersecurity efforts."
New Jersey also recently announced its own cybersecurity initiatives centered around banning the use of certain technologies in government offices or on state-provided devices, including Tik Tok, Huawei, WeChat, Alibaba products, ZTE and Kaspersky Lab.
Governor Phil Murphy said the measures would “ensure the confidentiality, integrity, and safety of information assets managed by New Jersey State government" and were taken so the state could be "unified against actors who may seek to divide us.”
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.