Cybersecurity issues a priority next session, two Iowa lawmakers say

House chambers at the Iowa State Capitol (Photo: Caroline Cummings).

Two Iowa lawmakers are pushing to address cybersecurity next legislative session, when the legislature resumes January 8.

"We couldn't sit by and idly let cybersecurity pass us by," said House Majority Whip Zach Nunn, a Republican from Bondurant.

"I think the cybersecurity issue in Iowa is so pervasive from small business owners to what just happened to the state," Nunn said, referring the breach of Iowa public employee's retirement accounts, where hackers stole hundreds of thousands from about 100 IPERS accounts.

Johnston Community School District's systems were also recently attacked. In that incident, hackers sent anonymous threatening text messages to parents and students in the district; schools closed as a result.

Nunn is working alongside State Rep. Chris Hall (D-Sioux City) to make enhancing protections to thwart cyberattacks in state government and agencies a bipartisan effort.

"With public safety and public security, those issues are going to be better served if it's a bipartisan approach," Hall said. “We’re going to have to learn as some of the people who try to threaten our state’s infrastructure also learn.”

The pair recently spent time at Microsoft's headquarters in Redmond, Washington, to discuss a host policy issues like cybersecurity. Lawmakers from other states also were in attendance and Nunn said threat is felt throughout the country.

"I think there was a big eye opener for everybody there, whether you worked in cybersecurity or were brand new to it, at the ultimate threat that is posed particularly at the state level."

Nunn said Iowa is a leader in cybersecurity efforts, like the 30-day window during which a state entity has to notify consumers or clients if data is breach. Only 20 other states have a mandatory notification period and the federal government does not, he said.

"Once a state entity like IPERS is breached, we must notify those customers within 30 days. That’s a very aggressive model when you’re talking about hundreds of thousands of people," he said.

But where Iowa shines, there still challenges and those issues are what he and Hall hope they can accomplish next session.

Educating Iowans for IT and other jobs relating to cybersecurity is a start.

“We’re going to have to figure out strategies as a state that works towards educating our students, making sure they’re ready for those jobs," Hall said, calling the education piece one of his biggest takeaways from the Microsoft site visit.

There are also talks of a long term security plan for the state so it is prepared for potential future attacks and enhancing network security. Another key component, though, that both legislators emphasized is increasing access.

“One of the takeaways we’ve identified here in Iowa is that affordable broadband across the state also needs to be a priority," Nunn said. "So it's a pairing, both the innovation and the security piece."

Nunn has a background in cybersecurity, having served on the National Security Council to tackle issues relating to cybersecurity.

close video ad
Unmutetoggle ad audio on off