May 22, 2023 By Czarinna Andres
A bill that would strengthen cybersecurity in New York state passed the Senate Internet and Technology Committee on May 22. The bill, S6474, is sponsored by Committee Chair Kristen Gonzalez.
The bill would require governmental entities to use multifactor authentication (MFA) for local and remote access to networks. MFA is an additional layer of security that requires users to enter a code from their phone in addition to their password. This makes it much more difficult for hackers to gain access to accounts.
The bill would also require public websites to encrypt all exchanges and comply with privacy standards. This would help to protect the personal information of New Yorkers who use government websites.
“Cyber attacks are on the rise, and state entities are an increasingly frequent target,” Gonzalez said. “New Yorkers should never have to fear that the state government will lose access to its systems because of an attack. Multifactor Authentication is a cost effective way to improve our cybersecurity preparedness; it is 99.9% more unlikely for an account to be compromised when MFA is used. We know that attacks aren’t going away; increasing our preparedness by using MFA is one of the best ways we can protect our state government.”
Since 2017, more than 3,600 local and state governments across the country have been targeted by ransomware attacks. In New York, hundreds of attacks are attempted each year on state entities.
In 2022, a cyber attack plunged the Suffolk county government offline for weeks. The attack forced officials to disable email access for 10,000 civil service workers. Attacks like this one show that local governments need to do more to bolster their cybersecurity preparedness.
The bill, S6474 now heads to the Senate Finance Committee for consideration.