[This article originally appeared in Government Technology.]
In post-9/11 America, states have accepted more responsibility in protecting their citizens. And as the firm grip of technology tightens around our daily lives and the most basic operations of government, one state is stepping up to the proverbial plate as a leader in the cybersecurity field.
New Jersey is perhaps best known for the “Parkway” and former presidential hopeful Gov. Chris Christie. But some might argue that it should be getting attention for its novel fusion center approach to cybersecurity.
Eleven months ago, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) took root within the state’s Office of Homeland Security and Preparedness (NJOHSP) as a counterpunch to the escalating online threats posed by a widening cast of bad actors. The mission: Find the threats, mitigate the threats and share the intelligence gathered in the process with everyone else.
According to Chief Information Security Officer Dave Weinstein, the statewide program is modeled after the Department of Homeland Security National Cybersecurity Communications Integration Center (NCCIC), and leverages a multi-pronged strategy to head off potentially damaging attacks.
“There is obviously a lot of intersection between what we are doing in the cybersecurity space and the [intelligence] space around threat analysis and information sharing,” he told Government Technology. “We have focused a lot over the first year on building our analytic capacity with support from [NJOHSP intelligence] and our technical capacity on the operational side of the house to just start sharing information in real time with the private sector …”
In addition to monitoring the larger cybersecurity landscape in the Garden State, the shop also builds in coordination with other vital agencies and departments. Engineers, analysts and communications experts are all on hand to address issues as they arise.
“Notably, we have collocated this organization with our state emergency operations center," Weinstein said, "so as we continue to build out our sharing and analytical capacity, as well as our ability to detect threats, we want to move further along the spectrum of responding to those threats, not only against the state government but threats against businesses and local governments in New Jersey."
Rosemary Martorana is the director of intelligence for NJOHSP, and said the information gleaned from the cyber side of the operation is increasingly valuable to counter-terrorism efforts within the state.
“Although right now most terrorist organizations possess the intent to conduct these destructive cyberattacks, they don’t have the capability," she said. "But looking down the road, that is something we want to be prepared for … to raise those barriers to entry and also, from a policy standpoint, be able to address these threats as we move forward in time."
To make sure the intelligence branch is apprised of the latest information, an analyst is embedded within NJCCIC as part of the team.
While the overarching goal of the NJCCIC initiative is thwarting attacks against public and private assets, Weinstein and Martorana said keeping the public and program partners aware of important information has been a key focus of the larger security mission.
“One of the things we’ve done in the last 18 months is to really share more information with our public, and that’s really because of our current threat environment and especially on the counter-terrorism, where we are facing more of a decentralized threat, is really engaging our local constituencies and involving them in the process,” she said. “It’s been very well received. I think oftentimes the public is hungry for more information, especially seeing a lot of it in the news, and they want to know what it means for them. We’re also engaging with new communities we probably wouldn’t have as frequently as before.”
With almost a year in the program’s rear-view mirror, Weinstein said there are some concerning trends repeating in the cybersecurity space. Among other emerging threats, the CISO said the falling barriers to entry for malicious actors pose a substantial threat to businesses and government alike.
“Generally speaking, I think it’s fair to say that local governments, state governments and small businesses in particular are more susceptible to advanced cyberthreats than most people think,” he said. “Certainly the state government and other governments across the state are not immune to these types of threats. By building the institutional capacity to detect more threats at the state and local level, we’ve kind of validated our going-in hypothesis that this is not a threat that is only focused on fortune 500 companies or the federal government.”
While Weinstein said New Jersey has received excellent support from state leadership to this point, he said other states have not been as fortunate. He points to a general lack of access and insufficient understanding on the part of decision-makers when it comes to the risks posed to state government.
In an ideal world, each state might have a cell to share vital information with one another in real time.
“We are the first state to really venture into this space, but we are hopeful others will follow suit,” Weinstein said. “The incident response space is sort of the next hurdle we are looking to tackle. There are lots of questions and barriers associated with that. That effort, nevertheless, is something that we’ve identified as a major need for citizens, businesses and governments in the state of New Jersey.”
Though the program monitors nearly every state agency for signs of intrusion and compromise and has the “loose” authority to establish enforce policy, Weinstein said he believes these capabilities may soon be expanded.
Eyragon Eidam is the assistant news editor for Government Technology magazine, and covers legislation, social media and public safety. He can be reached at firstname.lastname@example.org.