The state employees who ‘live, breathe and bleed cybersecurity’

South Dakota’s frontline defenders in the cybersecurity battle sit in a darkened room in Sioux Falls. The team of 14 is surrounded by monitors to constantly scan for digital threats and daily hacking attempts against state government.

It’s pretty close to the stereotype you see in the movies, said Bureau of Information and Telecommunications Commissioner Jeff Clines.

“They do keep the lights off for some reason,” Clines joked. “So it is darker than normal in there.”

“But,” he added, “those are the people that live, breathe and probably bleed cybersecurity.”

After Noem turns down federal cyber money, lawmaker suggests using state funds

The collateral damage from cyberattacks can be severe for governments and businesses — disrupting essential services and compromising personal data. Data breaches can lead to financial losses, legal repercussions or physical harm if criminals target critical infrastructure.

Gov. Kristi Noem declared October Cybersecurity Awareness Month, highlighting how important cybersecurity is for everyone in South Dakota. The federal government has recognized October as Cybersecurity Awareness Month since 2004.

In addition to the BIT cybersecurity team — which South Dakota Searchlight was not allowed to photograph, due to security concerns — there are other IT specialists throughout state government that keep an eye on the network. The state also partners with Dakota State University to bolster local governments’ cybersecurity.

But the state turned down a federal grant program earlier this year that would support county and city government cybersecurity, citing administrative burdens and ongoing costs. State legislators plan to bring forth legislation to establish a state-funded cybersecurity grant program for local governments instead.

Most cyberattack attempts at the state level are caught through automation. The system is scanning 24/7 for malicious activity, Clines explained: “every application, every network in point, every server, every desktop computer.”

While the BIT cybersecurity team is the main unit protecting valuable state information, every state employee and state resident plays a role. BIT trains employees in good cyber hygiene and best practices, and much of what the bureau preaches about internal security applies to the public.

That includes good password hygiene — using a different, strong password for each site; keeping software up to date; not clicking on suspicious links; and using multifactor authentication.

The greatest risk to the state’s security, or any other entity’s security, is through an individual’s actions.

The state Boards and Commissions website, for example, was hacked earlier this summer, Clines said.

A group of hackers compromised a user’s credentials to log in and deface the site, he explained. The group of self-described “gay furries” targeted South Dakota and four other states because of the states’ track record on transgender issues.

“We have proudly defaced the South Dakota Boards and Commissions website! We left little special messages across their site,” the group wrote.

The group didn’t access sensitive information, but it showed the importance of being vigilant, Clines said.

“As individuals, we all have a stake in our own security and being aware of good cybersecurity practices,” Clines said. “The more we can all do to keep ourselves safe, the more impact we have on the state as a whole.”