The House and Senate agreed Tuesday to provide more than $87 million to fortify cybersecurity in Florida.
The latest agreement will provide $50 million to “Enterprise Cybersecurity Resiliency,” a broad agenda item that will roll out a slew of recommended projects, audits and software procurements.
The item is a product of the Florida Cybersecurity Task Force, which in 2021 delivered a detailed cybersecurity report to lawmakers. Of the $50 million pot, $25 million is a one-time appropriation.
The funding “will continue to improve upon the state’s cyber defense system, endpoint protection, cybersecurity training, vulnerability protection and monitoring, cyber threat tracking and creating the Security Operations Center,” explained Gov. Ron DeSantis’ Freedom First Budget proposal.
House and Senate budget chiefs — Sen. Kelli Stargel and Rep. Jay Trumbull — also agreed to provide $7 million toward a cybersecurity risk assessment.
The University of South Florida in Tampa will use the money to “conduct a comprehensive risk assessment of the state’s critical infrastructure and provide recommendations to support actionable solutions for improvement of the state’s preparedness and resilience to significant cybersecurity incidents,” according to the budget proposal.
Cybersecurity and government modernization are among the Governor’s priorities. In his budget proposal, DeSantis suggested lawmakers invest more than $50 million across a variety of state agencies.
“As cybersecurity threats continue to become more sophisticated, it is vital that Florida has the tools necessary to protect critical state resources and sensitive information,” DeSantis said.
Additionally, budget negotiators will provide a one-time payment of $30 million to provide cybersecurity training for state and local government employees.
Florida has experienced several cybersecurity attacks in recent years.
In October 2020, the Florida Department of Business and Professional Regulation (DBPR) fell victim to “malicious activity” orchestrated against the department’s data and systems.
The attack, which didn’t compromise anyone’s personal data, created temporary outages and left the department operating at a limited capacity for several weeks.
In November 2020, a hacker sent text messages through a custom-made communications application for the Division of Emergency Management reserved for emergencies only.