- Arkansas reported 130 cyberattacks against state and local government in a 12-month period, over double the reported incidents from the previous year.
- The state has implemented measures such as new legislation requiring reporting of cyber threats and the establishment of the Arkansas Cyber Response Board to address the growing cybersecurity threats.
- Arkansas colleges and universities are now offering degrees and certificates in cybersecurity to address the need for trained professionals in this area.
In a recent report, it was revealed that Arkansas experienced 130 reported cyberattacks against state and local government within a 12-month period. This was more than double the number of incidents reported in the previous year. These incidents ranged from severe security breaches to minor attempts to hack into a government website.
In response to the escalating cyber threats, the state has ramped up its cybersecurity programs. In 2021, Arkansas legislature required the reporting of cyber threats against public institutions to help security officials assess incidents and improve their preventive measures. The type of threats is constantly evolving and the total number of threats has been increasing, an auditor highlighted to legislature members, underlining the importance of adequate preparation to prevent significant disruptions in government services due to cyberattacks.
Among the most serious cyberattacks that the state suffered, one involved a vendor offering computer services to 72 Arkansas counties, which was subjected to a ransomware attack that shut down online services for several days. In some counties, services were lost for weeks or months. The other notable attack was against the Little Rock School District, where hackers were allegedly paid a $250,000 ransom.
To strengthen its cybersecurity response, the legislature passed two major measures this year. Act 846 led to the formation of the Arkansas Cyber Response Board that will manage a self-funded insurance program protecting counties, cities and schools from damages caused by cyberattacks. To participate in this program, government entities will be required to upgrade their computer systems to meet certain security standards. Additionally, Act 504 of 2023 mandates local governments to develop policies governing their use of technology and their approach to cybersecurity.
To deal with these issues, Arkansas colleges and universities now offer a variety of degrees and certificates in cybersecurity. For instance, Southern Arkansas University provides a Master of Science degree in Computer and Information Science with a cybersecurity and privacy specialization.