Arizona announced Monday that it will use a single cybersecurity firm to monitor and manage the risks to computer systems in all 133 state agencies. The company, RiskSense, is based in neighboring New Mexico and was chosen over other potential vendors in part because of its software that rates a network’s vulnerability to cyberattacks with a proprietary scoring metric modeled on personal-credit ratings. “I can have productive business conversations with people who know little about IT and security,” Mike Lettman, Arizona’s chief information security officer, said in a press release.
The Arizona Department of Administration, which manages state-government functions, estimates it receives about 500 Trojan horse hacking attempts and 200 “brute force” attempts every day, plus about 35,000 malware attacks monthly. Arizona’s government owns about 100,000 IT assets.
The state’s election database has also been targeted in high-profile cyberattacks leading up to the 2016 presidential election. On Sunday, “60 Minutes” reported that Arizona was one of four states where elections systems were successfully penetrated by hackers working for the Russian government, though the Department of Homeland Security later told Reuters that the Arizona infiltration was the work of criminals instead of the Kremlin. (The other three states were Illinois, Tennessee and Florida.)