On May 3, 2018, Governor Malloy announced the release of the State of Connecticut’s Cybersecurity Action Plan, which builds on the State’s Cybersecurity Strategy launched in July 2017.  Developed by Connecticut’s Chief Cybersecurity Risk Officer Arthur House and Chief Information Officer Mark Raymond, the Action Plan applies the seven principles set forth in the Cybersecurity Strategy –  leadership, literacy, preparation, response, recovery, communication, and verification – to individuals, organizations, government agencies, and businesses.

The Cybersecurity Action Plan’s priorities include:

  • More extensive security in state government agencies, the General Assembly, and the judicial branch;
  • Creation of municipal cyber defenses and sharing of regional resources;
  • Active engagement with the business community;
  • Increased academic attention to the many effects of cyber compromise on society and action to prepare more graduates to meet the need for unfilled cybersecurity jobs in Connecticut; and
  • Increased attention to cyber-crime investigation, intelligence analysis and collaboration among local, state, and federal authorities.

Significantly, the Action Plan calls for the establishment of a cybersecurity investigations unit within the Connecticut State Police.  The Action Plan acknowledges that some of its action items will require legislative, regulatory and budgetary support to accomplish.  Wisely, the Action Plan provides that the people of the State of Connecticut “cannot continue to reap the advantages of the digital economy without protecting the digital assets to make it successful.”

The Cybersecurity Action Plan is available here.