An underwhelming number of states have created cybersecurity plans, implemented cybersecurity training programs, or otherwise stopped to assess what threats may emerge in our interconnected world. Fortunately, Utah is one of the few taking proactive steps to enhance its cyber resilience.
Last year, Utah directed the State Auditor to investigate both its data collection and protection, and its cybersecurity preparedness. The results were dismal, as we’ve written in the past.
But instead of sweeping the problem under the rug, Utah took a significant step forward this year by passing HB 239. The bill, sponsored by Representative Carl Albrecht, requires all state employees to undergo cybersecurity training. Of course, this may sound miniscule, but when considering the outsized impact a cyberattack has on critical infrastructure and our most sensitive data, a little goes a long way.
Moving forward, more work remains. But Utah’s state employee cybersecurity training bill is a positive step forward for all states to follow.
Senior Policy Analyst
Caden is the Technology and Innovation Policy Analyst at Libertas Institute. He previously worked at the Center for Growth and Opportunity at Utah State University as well as TechFreedom while earning his JD from American University Washington College of Law.