I-TEAM: Local Authorities Adapting to New State Cybersecurity Regulations

Try Our Free Tools!
Master the web with Free Tools that work as hard as you do. From Text Analysis to Website Management, we empower your digital journey with expert guidance and free, powerful tools.

Ohio Enhances Cybersecurity Regulations for Local Governments

Ohio is instituting new cybersecurity standards aimed at fortifying local governments.

[DOWNLOAD: Free WHIO-TV News app for alerts as news breaks]

The recently enacted legislation underscores the importance of safeguarding personal information and ensuring the continuity of essential services provided by local governance.

As highlighted in News Center 7 at 6:00, I-Team Lead Investigative Reporter John Bedell has been investigating the impending changes that local administrations must implement starting tomorrow.

TRENDING STORIES:

Lawmakers embedded the provisions regarding enhancements to cybersecurity within the first 40 pages of the state budget.

In an era where court records, utility invoices, and tax documents are increasingly digitized, local authorities are custodians of sensitive personal data.

This is precisely the type of information that cybercriminals covet.

“Malicious actors, including both nation-state operatives and common criminals, exploit our modern infrastructure for their nefarious purposes, effectively holding it hostage,” stated Kirk Herath, Cybersecurity Strategic Advisor to Governor Mike DeWine.

Bedell discussed with Herath the recent surge in ransomware incidents and focused on specific cyber assaults directed at local governance reported by News Center 7.

“Such attacks can disrupt critical services,” Herath elaborated.

New regulations in Ohio will commence a shift in how public entities handle cybersecurity compliance.

Beginning Tuesday, local governments that experience a cyber incident will be mandated to notify both the Ohio Department of Public Safety and the Ohio Auditor’s Office.

In addition, changes will affect the approval process for local governments contemplating ransomware payments.

“Payments to ransomware perpetrators cannot be conducted secretly. A public resolution from your council or board is necessary,” Herath emphasized.

By January 1, county and city governments must implement comprehensive cybersecurity programs, including employee training, while all other local entities have until July 1 to comply.

Recently, West Chester Township reported a possible cybersecurity breach.

The City of Middletown also faced a cyber onslaught last month.

News Center 7 has documented the significant impacts on several essential municipal services.

In late 2023, the City of Huber Heights declared a state of emergency following a ransomware attack.

News Center 7’s John Bedell solicited feedback from 13 local governments regarding the implications of the recent law. Below are some responses:

“We are in the process of formalizing our existing process into a written policy. Major alterations are not anticipated, as we have already implemented nearly all law requirements post-incident.” – City of Huber Heights IT Department

We recognize the new standards contained in HB 96 and believe all political subdivisions should enforce robust cybersecurity policies. This law compels compliance from those who may not have done so.

Our IT Department is modifying our existing Comprehensive Cybersecurity Plan to incorporate the new mandates, particularly in reporting incidents to the state and the resolution requirement for ransom payments. – Brandon Huddleson, Greene County Administrator

“The City remains committed to robust cybersecurity practices and adheres to HB 96’s stipulations. Our current program aligns with state standards and will evolve with further guidance.” – City of Dayton

“Kettering is adequately prepared to meet the new state requirements, having previously established a comprehensive cybersecurity framework. The primary changes involve formal documentation rather than operational adjustments.”

“City Council formalized the cybersecurity program resolution, and administrative policies documenting best practices were created. We also updated our incident response plan to ensure timely notifications to relevant state authorities.”

The law additionally strengthens defenses by exempting various cybersecurity records from public disclosure mandates, a measure intended to deter cyber threat actors from conducting reconnaissance.

“Existing practices already met these benchmarks, so the legislation principally aims to formalize and mitigate vulnerabilities. Our focus on cybersecurity persists as we strive to protect resident data and municipal systems.” – Amanda Harold, City of Kettering Communications and Engagement Manager

“Clark County has long adhered to core principles of risk management as outlined in HB 96. This legislation merely codifies our ongoing practices.” – Jennifer Hutchinson, Clark County Administrator

“Troy has been largely compliant with the new cybersecurity guidelines for approximately two years and does not foresee significant changes.” – City of Troy

“The City of Springfield has proactively implemented numerous provisions outlined in HB 96, such as staff training and incident response measures. We are reviewing the law to ensure full compliance, especially as ransomware attacks escalate nationwide.” – Karen Graves, Springfield Communications Director

“The newly established standards reinforce the proactive initiatives our IT team has undertaken. To comply with the new requirements, we will formalize our cybersecurity plan and present it to City Council for adoption.” – City of Centerville

I-TEAM: Local Authorities Adapting to New State Cybersecurity Regulations

“Montgomery County is positioned to comply with the new law, placing a top priority on safeguarding sensitive resident data and regularly updating our practices.” – Jim Brandenburg, Director of IT, Montgomery County

“The City of Fairborn is currently revamping its cybersecurity initiative in alignment with state standards, focusing on procedural modifications that ensure compliance by January 2026, ultimately bolstering protections for public services and resident information.” – Emily Gay, Fairborn Communications Manager

“The City of Xenia is dedicated to enhancing its security framework and values the State of Ohio’s support. While we have implemented several best practices, we are consolidating these into a more comprehensive policy and look forward to further guidance from the state.” – City of Xenia

News Center 7 will provide ongoing coverage of this evolving narrative.

[SIGN UP: WHIO-TV Daily Headlines Newsletter]

Source link: Yahoo.com.

Disclosure: This article is for general information only and is based on publicly available sources. We aim for accuracy but can't guarantee it. The views expressed are the author's and may not reflect those of the publication. Some content was created with help from AI and reviewed by a human for clarity and accuracy. We value transparency and encourage readers to verify important details. This article may include affiliate links. If you buy something through them, we may earn a small commission — at no extra cost to you. All information is carefully selected and reviewed to ensure it's helpful and trustworthy.

Reported By

RS Web Solutions

We provide the best tutorials, reviews, and recommendations on all technology and open-source web-related topics. Surf our site to extend your knowledge base on the latest web trends.
Share the Love
Related News Worth Reading