Nebraska Senator Proposes Hiring an Ethical Hacker to Secure State Computer Systems

Nebraska State Senator Loren Lippincott recently introduced a bill to the Nebraska Legislature’s government committee, proposing the allocation of $200,000 to hire an ethical hacker to test the state’s computer network, election equipment, and software for vulnerabilities. This idea was inspired by his nephew, who has experience in similar work.

The need for cybersecurity measures has become increasingly crucial for state and local election officials across the country. The potential threats include cyberattacks from foreign governments, criminal ransomware gangs, and election misinformation that can undermine public confidence and even lead to harassment of election officials.

The proposal comes on the heels of FBI Director Christopher Wray’s warning that Chinese government hackers are targeting critical U.S. infrastructure, including water treatment plants, the electrical grid, and transportation systems. The hearing for the bill was also held on the same day that the U.S. Cybersecurity and Infrastructure Security Agency launched a program aimed at boosting election security in the states and after a recent cyberattack on government operations in Georgia that created some elections challenges ahead of that state’s March presidential primary.

Lippincott believes that an ethical hacker can find vulnerabilities that can be fixed before they can be exploited by bad actors. He explained, “They can say, ‘Here’s the hole in the dike.'” The bill also allows for hiring a security company that provides hackers to find weaknesses in the state’s system.

The Nebraska bill is accompanied by an $11 million cybersecurity bill that would give the state’s chief information officer, local governments, and school districts more ability to bolster cybersecurity through the purchase of security software and hardware, training, and preparedness drills.

The bills drew a handful of supporters and no opponents at Thursday’s hearing. The committee will decide in the coming days whether to advance the proposals. If advanced, they would have to survive three rounds of debate to be passed in Nebraska’s unique one-chamber Legislature.

The idea of hiring an ethical hacker to test the security of computer systems is not new. In fact, Missouri is the only state known to have hired a company that employs “white hat hackers” to provide this service. However, the concept of a state hiring an individual ethical hacker is a novel approach.

The use of ethical hackers, also known as white-hat hackers, has gained popularity in recent years as organizations recognize the importance of proactively identifying and addressing vulnerabilities in their systems. Ethical hackers use their skills to help organizations improve their security by finding weaknesses and reporting them so that they can be fixed.

The demand for ethical hackers is on the rise, with the Bureau of Labor Statistics projecting a 32% growth in employment of information security analysts, which includes ethical hackers, between 2019 and 2029. The average salary for an ethical hacker in the United States is around $95,000 per year, according to Glassdoor.

The hiring of an ethical hacker by a state government is a significant investment, but it is one that could potentially save the state from costly cyberattacks and the damage to public trust that can result from such incidents. The cost of a cyberattack can be substantial, with the average cost of a data breach reaching $3.86 million, according to a study by IBM and Ponemon Institute.

The use of ethical hackers is not limited to the United States. Governments and organizations around the world are recognizing the value of ethical hackers in securing their systems. For example, the United Kingdom’s National Cyber Security Centre runs a program called “CyberPatriot,” which encourages students to compete in cybersecurity challenges and offers scholarships to those who excel. The European Union also has a program called “European Cybersecurity Month,” which aims to raise awareness of cybersecurity threats and promote best practices.

In conclusion, the proposal by Nebraska State Senator Loren Lippincott to hire an ethical hacker to test the state’s computer systems for vulnerabilities is a bold and innovative approach to cybersecurity. The idea is gaining traction as organizations and governments recognize the importance of proactively identifying and addressing vulnerabilities in their systems. The use of ethical hackers is a significant investment, but it is one that could potentially save states and organizations from costly cyberattacks and the damage to public trust that can result from such incidents. The demand for ethical hackers is on the rise, and their skills will be crucial in the fight against cybercrime.