Estimated reading time: 3 minutes
Nevada expects its $7 million government cyber insurance policy to cover all direct costs of a cyber attack that paralyzed state operations in August, a top official recently told lawmakers.
Hack Disrupted Operations & Generated More Attacks
The ransomware attack forced the closure of some state offices for two days; disrupted the Department of Motor Vehicles; knocked out websites including Gov. Joe Lombardo’s; and required the state to place many employees on administrative leave. It also led to a surge in attempted penetrations of state IT systems. “Nevada has faced a 300% increase in cyberattack attempts on its websites since a ransomware attack in August knocked several state websites offline and downed several digital services, Gov. Joe Lombardo said in a press briefing,” according to State Scoop.
Hackers Obtained Some Data
“Early Sunday, August 24, the State of Nevada identified a ransomware-based cyber incident and immediately activated its cyber response plan, engaging in 24/7 recovery efforts,” reports a state web site, which notes that: “A forensic review confirms that some data was exfiltrated (moved outside the state network).”
Insurance Expected to Cover Direct Costs
Despite the significant scope of the attack, Nevada’s government cyber liability insurance is expected to cover state costs, said Timothy Galluzi, the state’s CIO. He told legislators that “direct expenses” incurred so far are “well under” the policy limit. Of course, that likely does not include time lost by citizens unable to access services in the aftermath of the incident.
Get The Cyber Insurance New Upload Delivered
Subscribe to our newsletter!
Trend of Cyber Attacks on Local Government
Cyber attacks against government organizations are increasing. We reported on a recent study that warned about the lack of effective cyber security in many local governments. “Many local government cybersecurity operations run legacy systems with tight budgets and staff who lack advanced cybersecurity training…“Most municipal IT setups weren’t built for this level of assault.” Local governments are trying to address the shortcomings and risk with government cyber insurance, include policies employing cyber risk pools.
Nevada Cyber Insurance Requirements Include HOAs
Not only does Nevada have its own government cyber insurance, it also has implemented policies requiring insurance for other organizations. In 2023, the state passed a law requiring homeowner associations (HOAs) to purchase cybersecurity insurance that covers at least $1 million in damages. The insurance must cover a variety of cyber risks, including data breaches, ransomware attacks, and phishing attacks. The state also established a requirment for HOAs to take basic security measures to protect the data of their members.
Related Posts
