“Online interaction is vital to nearly every aspect of our economy, including utilities and financial sectors,” Pence said. “While risk can never be completely eliminated, Indiana will employ all available tools to manage cyber threats.”
John Hill, the governor’s chief of staff for public safety, will lead the effort as state cybersecurity coordinator, while David Kane, executive director of the Indiana Department of Homeland Security, will chair the Cybersecurity Council. The council will be filled with subject-matter experts from a diverse array of disciplines, said John Erickson, director of public information for the Indiana Department of Homeland Security.
“We consulted the private sector heavily,” Erickson told Government Technology. “They were very interested in partnership of this type and we took a look comprehensively at areas that had exposure, such as the financial sector, health care, [transportation, education, research, transportation and] software developers, and moved forward accordingly.”
The Cybersecurity Council will serve as an extension of the state’s 2015 cross-sector data-sharing pledge called the Indiana Sharing and Analysis Center (IN-ISAC). The IN-ISAC, which is a partnership that includes the Indiana Office of Technology, Indiana Department of Homeland Security, Indiana National Guard, Indiana State Police, Purdue University, Indiana University, the Indiana Intelligence Fusion Center and Intel Security, will work with the newly established council to harden the state’s cybersecurity posture, run exercises and generate new economic opportunities for the state’s economy. Economic development will opportunities will arise as a result of cross-agency collaboration, Erickson said.
“These initiatives are going to marry the public and private [sectors] together, and that will create more opportunity for positions that will help share data, analyze data," he said. "And the goal long-term is that we would retain and even attract talent outside of Indiana to come to Indiana and be part of this."
The groups will also test the state’s infrastructure through a program called critical infrastructure exercise (Crit-X).
“It’s going to involve a water utility, and we’re going to have hacking done on equipment that’s similar to what’s used on utilities now," Erickson explained. "And then it will be defended and we will do hot-washes afterward to find out where things went well and what needs to be improved."