Arizona's new cyber command center will deal with threats to government data
Arizona officially launched its new cyber command center Monday to deal with threats to state and local government computers.
But the head of the state Department of Homeland Security, who will be running it, insists that Arizonans should not worry that the state will be using all that expensive high tech equipment to spy on them. In fact, Tim Roemer said that protecting the data on government computers actually will help protect individuals.
"They're actually one in the same," he told Capitol Media Services. That's because Roemer said his agency is legally responsible for protecting the data that Arizonans are required to provide the state, such as tax information and driver's license number.
You name, them, we have them," he said. "If I fail, if we fail, that information gets sold on the dark web or it gets sold to criminals, now they're going to use that to target you in your personal life and your work life as well."
Consider, Roemer said, getting an email or text that purports to be from the Motor Vehicle Division which has the number of your driver's license and says unless you "click here" it will expire. That, he said, would appear to be legitimate.
"And once you click on it, you can be completely compromised," Roemer said.
"You may not know it right off the bat," he continued. "But that's how they use the data to then go after you personally and professionally."
It's his job, Roemer said, to stop that before it happens.
And there are multiple attempts.
"In September alone, our Department of Homeland Security has detected and alerted on almost 70 million cyber threats," said Gov. Doug Ducey. "They've blocked over 800,000 attacks on state websites."
Those kinds of threats, the governor said, resulted in the state spending $11 million last year to establish a new cybersecurity program. On top of that was another $3.5 million for what Ducey called "enhanced cybersecurity tools to protect the state as many Arizonans transitioned to telework."
And the bottom line, Ducey said, is simple.
"The good guys have to be right 100% of the time," he said. "And our enemies only have to be right once."
Some of what Roemer said he hopes to do to boost security is strictly internal, teaching state workers to be more careful.
"I've got 36,000 state of Arizona employees," he said. "One of them making a stupid mistake can put all of our hard work in jeopardy."
Education aside, he wants to reduce the chances of that happening even further, saying he is working with state agencies to reduce the number of workers who have administrative-level access to computers.
Roemer said while what his department is doing is a state function, he is hoping for cooperation from — and seeking to help — local governments.
"Right now, school districts are a huge target," he said, with attackers trying to install "ransomware" on computers, holding them and the data on them hostage until someone pays up. What the new cyber command center does, Roemer said, is provide a "resource" to local governments, showing what the state is doing to enhance security and offering to partner with them.
And it works both ways.
For example, he said Kingman shared with his agency an effort to breach its computer systems. Roemer said that allows his experts to analyze the threat, including how the attempt was made, and work to immunize state computers as well as pass on the details to other local governments.
"We're finally going to have this resource and this ability to say, 'Come look, we as a state are improving our cybersecurity resiliency and want to partner with you, the locals,'" he said.
EDITOR'S NOTE: This story has been modified to correct the byline.