Senate Bill 52, sponsored by Sen. Theresa Gavarone (R., Bowling Green), now returns to the Senate for consideration of House changes. The bill passed the upper chamber unanimously earlier this year.
A city’s mayor could ask the governor to call out the Ohio Cyber Reserve if the city finds itself in over its head in fending off or mitigating a ransomware attack or other cyberintrusion, much as governments can now ask for help after natural disasters.
“By their nature, elections are vulnerable to threats both foreign and domestic,” Rep. Doug Green (R., Mt. Orab) said. “Creating the Ohio Cyber Reserve allows for preparedness in mitigating those cyberattacks and ensures Ohio’s voters that their elections are secure and accessible.”
The team members will likely come from the private sector and, as with their fellow Guard reserve, would be deployed as needed. They would be paid while deployed, but their hours are not expected to exceed the 176 hours of annual military leave that is generally afforded public employees.
The reserve would also work proactively to help detect threats already lingering on a network and assist governmental entities in securing their information systems against intrusion.
While based within the Guard, the reserve would consist of four regional teams with 10 cybersecurity experts each.
“No system of government is realized to be legitimate unless those people who vote in elections see those elections as being treated in a fair and decent manner,” Rep. Mike Sheehy (D., Oregon) said. “We have seen in the last presidential election where…there’s been a challenge by a foreign puppet government to influence our very elective processes here in the state of Ohio and nationwide.
“This is an answer to that terrible threat to democracy,” he said.
The bill was requested by Secretary of State Frank LaRose in advance of the 2020 presidential election. It also includes a requirement that post-election audits be conducted in at least three local races each year to ensure votes were properly counted.
The bill also requires the hiring of a chief information security officer within the secretary of state’s office to work with county boards of elections to ward off intrusions.
Despite actions to shore up Ohio’s cyber-response, Mr. LaRose has generally voiced confidence in the security of Ohio’s elections system, particularly since voting and tabulation machines are not connected to the Internet.
The bill appropriates $100,000 for the current fiscal year that began on July 1 and $550,000 for 2021 for the cyber-reserve’s operation and $75,000 over the next two years to reimburse county boards of elections for their post-election audit costs.
“Make no mistake— our enemies, both foreign and domestic, are working every single day to break into our computer systems,” Mr. LaRose said after the vote. “We have to be prepared, and with the creation of Ohio’s Cyber Reserve we will be ready to fight back. By unanimously passing this legislation, Ohio is a big step closer to where we need to be as we get ready for the 2020 elections, and protect Ohio’s critical infrastructure.”
©2019 The Blade (Toledo, Ohio). Distributed by Tribune Content Agency, LLC.