Phishing for more protection: NM cybersecurity policies

Gov. Michelle Lujan Grisham, left, pocket vetoed cybersecurity legislation from Sen. Michael Padilla, D-Albuquerque, middle, in the 2024 session. They previously testified together in support of a housing bill.

Eddie Moore/Journal

Megan Gleason Megan Gleason Megan Gleason Journal Staff Writer

Published September 14, 2024 - 4:16 p.m. Modified September 14, 2024 - 4:16 p.m.

In a digital age with constant cyber threats, New Mexico has a slew of cybersecurity standards and precautions set in place.

Led by the Office of Cybersecurity, part of the New Mexico Department of Information Technology, some of the state initiatives are relatively new, like the statewide cybersecurity plan.

The cybersecurity office released the plan in September 2023. It aims to protect state technology from threats by enhancing detection and remediation of exposures, improve resilience and develop risk management strategies, according to DoIT.

The office’s services are also available for public and charter schools, higher educational institutions and local government entities, like cities and counties.

The Office of Cybersecurity itself is also fairly new. Lawmakers created the office with the 2023 Cybersecurity Act, assigning the agency the task of overseeing cyber- and information-security functions for state agencies not already outlined under federal law.

The cybersecurity office can adopt minimum security, data classification and cybersecurity awareness policies for the state.

The 2023 bill sponsors, Sen. Michael Padilla and Rep. Debbia Sarinana, who are both Democrats, tried in the 2024 session to amend the previous year’s bill, requiring more cybersecurity rules, review of legislative appropriation requests related to cybersecurity and information security, and updating technical definitions.

Gov. Michelle Lujan Grisham ultimately pocket vetoed the bill, one of three bills she didn’t let through. Padilla at the time told the Journal he was surprised the legislation made it that far at all as it had a lot of issues. He wants to sponsor a larger IT and information security package next year, if re-elected.

There’s been other traction on the cyber front, like Lujan Grisham’s April executive order directing state agencies to adhere to federal technology standards around cybersecurity, information security and privacy policies. Agencies must certify compliance by November and every year after.

“Cybersecurity is not just a technological issue; it’s a matter of public safety and national security,” Lujan Grisham said in an April statement.

What laws or policies do you want to see written about in Business Outlook? Send an email to mgleason@abqjournal.com.

business technology

Phishing for more protection: NM cybersecurity policies

Man charged in 2023 shooting death

Clovis man charged with vehicular homicide in crash that killed brother

$1.5M broadband grant serves Silver City students

Nomination deadline extended for 2026 Top Workplaces

Talking Grammer, Ep. 124: UNM Lobos assistant Scott Waterman

'Breaking Bad'-themed anti-littering campaign leads to removal of more than 10.5 million pounds of trash

MMA fighters turned boxers collide

Quirky Books encampment court ordered to clear out

Lobos land commitments from Iowa State tight end, USC cornerback

Jurors convict man in fatal stabbing on an ABQ bus

Senate pushes back on Trump's military threats against Venezuela with war powers vote

Where do the Lobos stand after first week of transfer portal?

'He loved the people of New Mexico': Former activist, politician Roberto Mondragón dies

Ex-Navy SEAL's fireworks trial nears conclusion