Arizona builds security plan

S.B. 1123

Related Links

Although a bill failed that would have addressed the protection of Arizona's physical and electronic properties, the state is circulating security guidelines directing how agencies can share information and respond to cyberthreats.

That satisfies state Rep. Wes Marsh, who sponsored the House version of S.B. 1123, vetoed by Gov. Jane Dee Hull last week. The bill would have created a Statewide Infrastructure Protection Center (SIPC), a command and control structure charged with defending the state's physical and information resources in emergencies.

Rick Zelznak, the state's chief information officer, opposed the bill because he said if it passed, it would have been a setback for state security efforts.

Specifically, he said it did not provide funds to establish the SIPC or spell out how the state should use its existing resources and personnel. He said his department, the Government Information Technology Agency (, has been planning and drafting statewide security policies for protecting the information infrastructure.

Zelznak said the state has an incident response mechanism in place so that alerts can be sent out to agencies. It has a computer emergency response team (CERT), of sorts, composed of GITA, the attorney general's office, and the public safety and administration departments, to respond to cyberattacks, Zelznak said, adding that the state is also part of the FBI's intrusion-detection reporting program called InfraGuard.

He said GITA also has close ties with the emergency management division, which protects the state's physical infrastructures. He said the two agencies would work in concert if, for example, a cyber incident disables a dam and causes a flood.

This was the second bill Marsh sponsored to created a critical infrastructure protection plan by statute.

Under the bill, Marsh said Arizona would have been the first state to develop a coordinated approach to investigate and respond to cyberthreats and threats to physical infrastructures. It would have also created a single CERT and established an information-sharing link between the Arizona National Guard and the U.S. Defense Department.

He said technology is inextricably tied to the physical world and it's easy for hackers to interrupt delivery of services, such child support, tax refunds and emergency services, and cause rolling energy blackouts. "The bottom line is we need to protect the delivery of services, economic vitality and public safety," he said.


  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.